Is Your Company at Risk?

cybersecurityA few new variants of the Agent Tesla info-stealer malware have been spotted in the wild and should be on your radar if they're not already.

The new variants are more dangerous than previous versions of the malware. They now sport a module that enables them to scrape WiFi passwords from devices they invest.

That will enable them to lurk in the background and install additional malware later, even after the initial infection has been found and cleared. It also makes these new variants to compromise other systems that reside on, or connect to the same compromised wireless network.

The authors of the new variants took pains to heavily obfuscate the code to make it more difficult to detect. The new capabilities revolve around the addition of a combination of the "netsh" command, coupled with a "wlan show profile" argument that lists all available WiFi profiles in a convenient format.

To actually get at the passwords, once the netsh command is run, a key-clear argument is used to show and extract the password for each profile in plain text format.

SpartanTec Inc. works with business of all sizes to ensure you data is safe.  Are your employees working from home? We can train them on how to safely do their work and protect your infrastructure.

A report compiled by Malwarebytes had this to say about the newly discovered code:

"In addition to wifi profiles, the executable collects extensive information about the system including FTP clients, browsers, file downloaders, machine info (username, computer name, OS name, CPU architecture, RAM) and adds them into a list. We believe this may be used as a mechanism to spread, or perhaps to set the stage for future attacks."

Agent Tesla isn't the only malware to have been upgraded in recent months. Emotet, which went for more than two years without a significant upgrade, has recently been spotted in the wilds sporting new WiFi stealing capabilities. It seems to point to a newly emerging trend in the hacking world.

Is your company at risk? A call to SpartanTec Inc. can put your mind at ease.

SpartanTec, Inc.
Myrtle Beach, SC 29577
843-561-9775
https://www.spartantec.com/

Used with permission from Article Aggregator