‘Agent Tesla’ malware is now upgraded to steal your WiFi passwords
New variants of ‘Agent Tesla’, an information-stealing malware, are now capable of stealing the WiFi passwords saved on infected devices. Attackers can later use these passwords to extend the infection or to compromise the devices and the surrounding network further.
Agent Tesla malware
According to a report from the Malwarebytes Threat Intelligence team, the malware collects the passwords with the built-in Windows netsh utility. It first runs netsh with the wlan show profile argument, which lists every WiFi profile (SSID) saved on the infected device. For each SSID it discovers, Agent Tesla then runs netsh again, adding the SSID and the key=clear argument, which makes netsh print the stored password of that profile in plain text.
Along with the WiFi passwords, the malware also steals credentials from FTP clients, file downloaders and browsers, and collects system information such as the amount of RAM, the CPU architecture, device details and more.
Emotet
Along with Agent Tesla, the Emotet Trojan has also received an upgrade that lets it spread from an infected device to nearby WiFi networks. Researchers at Binary Defense discovered the upgraded Emotet, which carries a worm module that spreads over those networks.
With their new focus on this WiFi spreader module, the Emotet gang is on a straight path to developing a highly capable and dangerous WiFi worm module that will show up more and more often while actively used in the wild. This upgraded version of Emotet is hazardous because a single infected device can carry it into every wireless network within range, rather than staying confined to the network it first landed on.
It is also worth noting that ‘Agent Tesla’ has been publicly and commercially available since 2014, with keylogging and remote access Trojan (RAT) capabilities.
The malware is distributed through spam campaigns in formats such as ZIP, MSI and IMG attachments. It is also popular with BEC scammers, who use it to take screenshots and record keystrokes. Worst of all, the malware is capable of shutting down antivirus and other endpoint security solutions.
How to build your defenses against these malware families?
Users should be careful when opening emails and clicking hyperlinks in them, as most of these infections are delivered through phishing. Avoid downloading attachments from unknown senders. Because the WiFi password theft relies on the built-in netsh utility, defenders can also watch process-creation logs for netsh wlan show profile commands that carry the key=clear argument, especially when they are launched by something other than an administrator's interactive shell.
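The following is an added example, not code from the article, from Malwarebytes or from the malware itself. It implements the detection hinted at above for the netsh sequence described in the Agent Tesla section: it scans Sysmon Event ID 1 style process-creation records (constructed inline for this example) for the enumerate-then-dump chain, extracts the targeted SSIDs, and raises the severity when the parent process is not an interactive shell. The record layout, the host names, the sample command lines and the severity levels are all assumptions made for the example.

```python
"""Detect the Agent Tesla WiFi-credential harvesting pattern in process logs.

Added example (not the article's or the malware's code). It looks for the
two-step chain `netsh wlan show profile` -> `netsh wlan show profile
name=<SSID> key=clear` in Sysmon-like process-creation records.
"""
import re
from collections import defaultdict
from typing import List, Optional, Tuple

# Constructed sample records: (timestamp, host, ParentImage, CommandLine).
# These are made up for the example; WS01 shows the harvesting chain run by
# an unsigned binary in a user profile, WS02 an admin merely listing profiles,
# WS03 a single key dump from an interactive PowerShell session.
SAMPLE_EVENTS: List[Tuple[int, str, str, str]] = [
    (1, "WS01", r"C:\Windows\explorer.exe", r"C:\Windows\System32\cmd.exe /c dir"),
    (2, "WS01", r"C:\Users\bob\AppData\Roaming\svchost32.exe", r"netsh wlan show profile"),
    (3, "WS01", r"C:\Users\bob\AppData\Roaming\svchost32.exe",
     r'netsh wlan show profile name="CorpWiFi" key=clear'),
    (4, "WS01", r"C:\Users\bob\AppData\Roaming\svchost32.exe",
     r'netsh wlan show profile name="Guest" key=clear'),
    (5, "WS02", r"C:\Windows\System32\cmd.exe", r"netsh wlan show profile"),
    (6, "WS03", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     r"netsh.exe wlan show profiles name=Home key=clear"),
]

# netsh may be invoked bare, as netsh.exe, or with a full path; "profile" and
# "profiles" are both accepted by netsh, so match either.
NETSH_WLAN = re.compile(r"(?:^|[\\\s])netsh(?:\.exe)?\s+wlan\s+show\s+profiles?\b", re.IGNORECASE)
KEY_CLEAR = re.compile(r"\bkey\s*=\s*clear\b", re.IGNORECASE)
SSID = re.compile(r'\bname\s*=\s*(?:"([^"]*)"|(\S+))', re.IGNORECASE)

# Parents that usually mean a human typed the command. This only lowers the
# severity; it is not an allowlist, because a dropper can launch cmd.exe first.
INTERACTIVE_SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}


def classify_netsh(cmdline: str) -> Optional[str]:
    """Return 'enumerate', 'dump_key' or None for a command line."""
    if not NETSH_WLAN.search(cmdline):
        return None
    return "dump_key" if KEY_CLEAR.search(cmdline) else "enumerate"


def extract_ssid(cmdline: str) -> Optional[str]:
    """Pull the SSID out of name="..." or name=... (quoted form may contain spaces)."""
    m = SSID.search(cmdline)
    if not m:
        return None
    return m.group(1) if m.group(1) is not None else m.group(2)


def is_interactive_shell(parent_image: str) -> bool:
    return parent_image.rsplit("\\", 1)[-1].lower() in INTERACTIVE_SHELLS


def find_harvesting(events, min_dumps: int = 1) -> List[dict]:
    """Group netsh wlan activity by (host, parent process) and alert on any
    group that dumped at least `min_dumps` keys in clear text."""
    groups = defaultdict(lambda: {"enumerate": 0, "ssids": [], "first_ts": None})
    for ts, host, parent, cmdline in events:
        kind = classify_netsh(cmdline)
        if kind is None:
            continue
        g = groups[(host, parent)]
        g["first_ts"] = ts if g["first_ts"] is None else g["first_ts"]
        if kind == "enumerate":
            g["enumerate"] += 1
        else:
            g["ssids"].append(extract_ssid(cmdline) or "<unknown>")

    alerts = []
    for (host, parent), g in groups.items():
        if len(g["ssids"]) < min_dumps:
            continue
        # Listing profiles and then dumping several keys is the full chain
        # from the report; a lone key dump from a shell is more likely an admin.
        severity = "high" if g["enumerate"] and len(g["ssids"]) > 1 else "medium"
        if not is_interactive_shell(parent):
            severity = "critical"
        alerts.append({"host": host, "parent": parent, "severity": severity,
                       "ssids": g["ssids"], "first_seen": g["first_ts"]})
    return sorted(alerts, key=lambda a: a["host"])


if __name__ == "__main__":
    for alert in find_harvesting(SAMPLE_EVENTS):
        print(f"[{alert['severity']}] {alert['host']}: {alert['parent']} "
              f"dumped keys for {alert['ssids']} (first seen t={alert['first_seen']})")
```

Run against the constructed records, WS01 is reported as critical (profile listing followed by two key dumps from a binary in a user profile), WS03 as medium (a single dump from PowerShell), and WS02 is not reported because nothing was dumped. In a real deployment the tuple unpacking would be replaced by the EDR or SIEM field names, and the parent-process check should be combined with signing and path reputation rather than file name alone, since Agent Tesla is described above as disabling endpoint protection and could just as easily mimic a legitimate binary name.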
Moreover, Emotet and Agent Tesla hold first and second place in the ‘Top 10 most prevalent threats’ of 2019, according to the malware analysis report that Any.Run published in the post below:
📊 Annual TOP10 threats by uploads to ANYRUN!
1⃣ #Emotet 36026 🔥
2⃣ #AgentTesla 10324
3⃣ #NanoCore 6527
4⃣ #LokiBot 5693
5⃣ #Ursnif 4185
6⃣ #FormBook 3548
7⃣ #HawkEye 3388
8⃣ #AZORult 2898
9⃣ #TrickBot 2510
🔟 #njRAT 2355
https://t.co/Kx0pJYckBW
— ANY.RUN (@anyrun_app) December 23, 2019