A New Variant of Agent Tesla Puts Passwords at Risk

When surfing the net we can run into many threats that can compromise our security in one way or another. Many types of malware are designed to steal information and compromise our computers, and Trojans are one of these varieties. Today we report on a new variant of the Agent Tesla Trojan, which is capable of stealing passwords from browsers, VPN, FTP and email.

Agent Tesla jeopardizes passwords

As we have said, this new variant of the Agent Tesla Trojan is capable of stealing passwords from a wide variety of services and platforms. It can steal passwords from your browser, VPN services, FTP, or email.

It should be mentioned that this is not a new threat. It has been on the net for a few years and uses resources such as a keylogger. However, as is often the case with these types of threats, it has perfected its attacks. Now it is more sophisticated and can further compromise user security.

It has become a very popular threat spread through emails. E-mail is a fundamental part of attacks on the Internet today, so we must always take care when using it.

Hackers sneak this Trojan in through a simple email. This way they can record keystrokes or take screenshots to steal credentials and passwords. This is a serious problem, because it breaks down the main defensive barrier protecting our accounts: the password.

It does not only steal passwords; it also has the ability to steal all the information that is on the clipboard. It can also collect system information or even kill scanning and antimalware processes.

Can steal information from the registry

According to the security researchers behind the new discovery and analysis, this new variant can easily extract credentials from the registry as well as from configuration or support files.

The new variant of Agent Tesla targets many applications. Some of the most popular are Google Chrome, Chromium, Safari, Brave, FileZilla, Mozilla Firefox, Mozilla Thunderbird, OpenVPN and Outlook.

Its function is to collect the credentials and configuration data of each application and later deliver them to its command and control server through FTP or SMTP, using the credentials included in its internal configuration. It can also deliver malicious executables for injection into known, vulnerable binaries already present on specific hosts.
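The delivery over FTP or SMTP described above gives defenders a network-side signal, since on a workstation only the expected mail and FTP clients normally open those ports. The following is an added example, not part of the original article or the researchers' analysis; it assumes process network-connection events exported as CSV, and the field names, allow-list and sample rows are constructed.

```python
import csv
import io

# Constructed sample of per-process outbound connection events (for instance an
# EDR or Sysmon network-connection export). Hosts, paths and IPs are made up.
SAMPLE_EVENTS = r"""host,image,dest_ip,dest_port
ws01,C:\Program Files\Mozilla Thunderbird\thunderbird.exe,203.0.113.10,587
ws01,C:\Users\ana\AppData\Local\Temp\invoice_scan.exe,198.51.100.7,587
ws02,C:\Program Files\FileZilla FTP Client\filezilla.exe,203.0.113.20,21
ws02,C:\Users\leo\AppData\Roaming\upd.exe,198.51.100.7,21
ws03,C:\Program Files\Google\Chrome\Application\chrome.exe,203.0.113.30,443
ws03,C:\Users\kim\AppData\Local\Temp\outlook.exe,198.51.100.7,25
"""

# Ports used by the two delivery channels the article names.
EXFIL_PORTS = {21: "FTP", 25: "SMTP", 465: "SMTP", 587: "SMTP"}

# Assumption: site-specific allow-list of programs expected to speak FTP/SMTP.
EXPECTED_CLIENTS = {"thunderbird.exe", "outlook.exe", "filezilla.exe"}
# A file name alone can be imitated, so the install location is checked too.
TRUSTED_PREFIXES = ("c:\\program files\\", "c:\\program files (x86)\\")


def suspicious_connections(csv_text):
    """Return (host, image, protocol, dest_ip) for FTP/SMTP connections made
    by anything other than an expected client in a trusted install path."""
    findings = []
    for ev in csv.DictReader(io.StringIO(csv_text)):
        proto = EXFIL_PORTS.get(int(ev["dest_port"]))
        if proto is None:
            continue  # not one of the channels of interest
        image = ev["image"].lower()
        name = image.rsplit("\\", 1)[-1]
        if name in EXPECTED_CLIENTS and image.startswith(TRUSTED_PREFIXES):
            continue  # legitimate mail or FTP client
        findings.append((ev["host"], ev["image"], proto, ev["dest_ip"]))
    return findings


if __name__ == "__main__":
    for host, image, proto, dest in suspicious_connections(SAMPLE_EVENTS):
        print(f"{host}: {image} opened {proto} connection to {dest}")
```

Several hosts reporting the same destination, as in the constructed rows, is a useful pivot for scoping an incident.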

Without a doubt, the best way to protect our computers from these types of threats is to always keep common sense in mind. It is essential that we do not make mistakes such as downloading malicious files through e-mail or installing software from unofficial sources.

We must also have security software to protect us. A good antivirus can help us detect malware and prevent it from carrying out its attacks. There are many options that we have at our disposal. We leave you an article with tips to avoid password theft in Chrome.