Agent Tesla Upgrades with New Delivery & Evasion Tactics
Agent Tesla, a remote access Trojan, has been upgraded with new evasion tactics, the ability to target more applications for credential theft, updated communication tactics, and new techniques for bypassing endpoint defenses. The new version targets the Microsoft Anti-Malware Software Interface as a means to bypass endpoint detection. Researchers at Sophos published a report earlier today providing information on the new updates to Agent Tesla.
Agent Tesla, part of a remote access Trojan (RAT) malware family that is tricky to detect, has grown more popular in recent months. Its developers have seemingly focused on defense evasion over the past several months so that the malware goes unnoticed by security tools and can persist on an infected device. Agent Tesla is offered as malware-as-a-service and has been active since 2014. According to cybersecurity researchers, it remains a common threat to Windows machines. The RAT lets attackers steal credentials and other information through screen captures, keyboard logging, and clipboard capture.