Get Permission
An updated version of the AgentTesla information-stealing malware now boasts additional data harvesting capabilities, including the ability to target more web browsers and email clients, according to a report released this week by security firm Cofense.
AgentTesla was first uncovered by security researchers in 2014. Since then, its developers have steadily added to its capabilities. One recent update that was spotted in August by analysts with Sentinel Labs found the malware could steal credentials from VPNs, web browsers, FTP files and email clients (see:
Since the start of the COVID-19 pandemic, AgentTesla has become popular with fraudsters and cybercriminals due to its ability to steal a large range of data from targeted victims and its relatively low licensing fees, which the Sentinel Labs analysis found ranges from $12 for a monthly rental to $35 for a six-month lease.