Connect with us

Technology

Sophos discloses threats of 7-year-old information stealer via malicious email spam

Telecoms

NCC Moves to Amend Five Regulatory Instruments

Technology

Android Users at Risk: NCC Flags HiddenAds Malware that Infiltrates Google Play Store

Telecoms

Excise Duty: Telecoms Subscribers in for Over N160 Billion Fresh Tax Burden

Education Technology

NCC Pledges Academia Sustained Funding of Research after N522m Grants

Economy Telecoms

Minister Rejects Enforcement of 5% Excise Duty on Telecoms Subscribers

Technology

Nigeria Should Enforce Data Sovereignty – Ayotunde Coker

Telecoms Education

NCC Doles Out N500m for Research in Nigerian Universities

Telecoms

BREAKING: FG Bans SIM Card Importation

Telecoms

NCC Identifies 72 action points to implement indigenous content Policy

Technology

Sophos discloses threats of 7-year-old information stealer via malicious email spam

Published

1 year ago

on

sophos

Sophos discloses threats of 7-year-old information stealer via malicious email spam

 

The information stealer is called Agent Tesla and, in a new report published today, Sophos researchers explain Agent Tesla’s latest features and functionality. 

Read Also:

Agent Tesla steals information from web browsers, email clients, virtual private network clients, and other software that stores usernames and passwords.

It can capture keystrokes while users are typing, for example entering their password, and record screenshots, so it can see what is on their screen.

The more recent version of the info-stealer can use the Telegram messaging service to communicate with its operators, as well as a software program called Tor (that’s very popular on the dark web) to hide activity like the removal of stolen data.  It also tries to alter software code to block security protection.

“Agent Tesla malware has been active for more than seven years, yet it remains one of the most common threats to Windows users,” said Sean Gallagher, senior security researcher, Sophos.

Gallagher added that the most widespread delivery method for Agent Tesla is malicious spam attachments.

According to him, the email accounts used to spread Agent Tesla are often legitimate accounts that have been compromised.

“Organizations and individuals should, as always, treat email attachments from unknown senders with caution, and verify all attachments before opening them,” he added.

According to Sophos, recommended IT admin checklist for email security includes:

  • Install an intelligent, security solution that can screen, detect and block suspicious emails and their attachments before they reach users
  • Implement the recognised authentication standards to verify emails are what they claim to be
  • Educate employees to spot the warning signs of suspicious emails and what to do if they encounter one
  • Advise users to double check that emails come from the address and the person they claim to
  • Advise users to never open attachments or click on links in emails from unknown senders

Sophos endpoint protection, Intercept X, detects Agent Tesla malware.

Related Topics:
Click to comment

Leave a Reply

Your email address will not be published.

Advertisement

multiplex

mebookshelfandi