Agent Tesla — Malware as a Service

Blake Potter
Maryville University Cyber Fusion Center
2 min read · Apr 20, 2021

Vulnerability Details

Agent Tesla is one of the most widely distributed malware families out there. It was first seen in 2014 and has started to make a comeback over the past few weeks. Agent Tesla is essentially a keylogger / spyware that can be used to spy on its victims. It has been distributed to various threat actors, which is why it is known as malware as a service: hackers can purchase it and use it directly on whomever they choose. The odd part about this malware is that it is not kept secret at all. In fact, anyone can go to the official website for this malware and purchase a subscription to use it. The malware itself is extremely user-friendly, making it highly appealing to low-skilled hackers.

Affected Systems

This malware can target almost any form of system or individual. The main attack vector is phishing: attackers send out an email with the malware embedded in a link or file, and once the user clicks on the link or file, they become infected. Because Agent Tesla is a form of spyware, it is extremely sneaky and often goes undetected.

Remediation

The main ways to avoid downloading this malware are to visit only trusted websites, never click any links or files in emails from unknown senders, and use next-gen antivirus software. Using all of these tactics will help keep your IT environment safe from malware.
