Malicious Compiled HTML Help File Delivering Agent Tesla

  • 19 May 2022

Palo Alto Networks' Unit 42 discovered a malicious compiled HTML help (CHM) file delivering Agent Tesla.
The attack is interesting because it shows how attackers look for creative ways to deliver their payloads.
Their purpose in doing so is twofold:

  • An attempt to bypass security products.
  • An attempt to bypass security training.

Potential victims may have been trained to avoid documents, scripts and executables from unknown senders, but it is important to be careful of almost any file type.

Agent Tesla is well-known malware that has been around for a while.
Agent Tesla focuses on stealing sensitive information from a victim's computer and sending that information to the attacker over FTP, SMTP or HTTP.
It does this primarily via keystroke logging, screen capturing, camera recording and accessing sensitive data.