Agent Tesla's New Ride: The Rise of a Novel Loader
released on 2024-03-27 @ 09:50:01 AM
A new and sophisticated loader has been observed delivering the Agent Tesla infostealer malware using advanced techniques like polymorphism, anti-analysis, and proxy communications to evade detection. The loader is delivered via phishing emails and executes the infostealer payload entirely in memory. Agent Tesla then captures sensitive information and exfiltrates it using compromised email accounts. This novel loader marks an evolution in the tactics used to deploy Agent Tesla and will likely facilitate the distribution of other malware families beyond just Agent Tesla.