AgentTesla Trojan Malware Uses Covid-19 as Cover To Infect Users
AgentTesla, a remote access Trojan, has been infecting victims globally during the Covid-19 pandemic. A global email phishing campaign that offers information on surgical masks and other personal protective equipment (PPE) for use during the pandemic is infecting users’ devices. These emails spoof messages from genuine chemical manufacturers that offer PPE for purchase. The phishing emails prey on users’ fears of reported shortages when trying to purchase PPE.
The phishing emails have been sent globally to personal and business mailboxes alike. Businesses that are desperate and trying to keep their employees safe by purchasing PPE are falling for these tactics. AgentTesla malware has found its targets in desperate times when fear of the pandemic is high. The phishing campaign spoofs legitimate advertising of face masks and other medical supplies related to Covid-19, leading users to click on email links that infect their devices with malware.
The hackers are adjusting their emails and techniques every couple of weeks to avoid detection. The goal is to infect devices with AgentTesla malware that steals users’ information and allows new malware to be downloaded and installed at a later time. Since the start of the pandemic, this particular malware has become popular with cybercriminals because of its ability to avoid detection and its high infection rates.
Once AgentTesla is installed, it is remotely controlled by the hackers to steal data and infect devices with more malware. Cybercriminals have used it to harvest user credentials, financial data and personal information. Security experts have also noticed that underground gangs have been purchasing and renting out the malware for a few dollars on a monthly basis. Varying the source of the malware has allowed various malicious groups to participate in these schemes, making it almost impossible to track.
Email phishing campaigns in these times of stress due to Covid-19 have found easy targets, infecting computers globally. These email campaigns continue to prey on people who have experienced shortages of face masks and forehead thermometers during the ongoing pandemic. The hackers are constantly adjusting their tactics in order to avoid detection and to increase the chances of infecting more devices. Security experts recommend that users do not respond to or open emails from entities that they are not familiar with.