Dissecting Agent Tesla: Unveiling Threat Vectors and Defense Mechanisms
Agent Tesla is a Remote Access Trojan (RAT) written in .NET. Threat actors and APT groups use this kind of malware because of its wide range of stealing and evasion capabilities. Agent Tesla first emerged in 2014 and drew attention because of its ability to steal sensitive information from victims' endpoints (browser data, DB data, FTP data, VPN data, etc.) and to capture screenshots. This kind of malware spreads through email attachments. In 2024, threat actors are using Agent Tesla more often. The reason is that Agent Tesla is being offered as Malware as a Service (MaaS) on the dark net.