Tesla has often made headlines lately, but this new problem is not connected to Elon Musk or his cars. Instead, it involves cybercriminals who are trying to steal people’s private information using a dangerous software called Agent Tesla.
Here’s a clear explanation of how the attack works and what you need to stay safe.
Attackers Use Clever Tricks to Spread Malware
Researchers from Unit 42, the security team at Palo Alto Networks, have reported a new online threat. This time, hackers are sending fake emails to people, pretending that important documents like invoices or payment receipts are attached.
When someone opens the file, it quietly triggers a hidden script. This script then downloads a second program called PowerShell, which runs silently from the computer’s temporary folder, making it much harder for antivirus software to detect.
Once the script is active, the attack can follow one of two different paths: it either launches a .NET file or an AutoIt dropper. Depending on which one is used, different types of harmful programs are installed on the victim’s device. Although each step of the attack is simple, when combined, they make the entire process harder to spot and stop.
What is Agent Tesla?
One of the main threats delivered by this campaign is Agent Tesla. Agent Tesla is a type of malware kn
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.