FortiGuard
Fortinet’s Global Threat Intelligence and Research
Pwalia
Staff
Staff
Article Id 275519

Description

FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access by exploiting vulnerabilities Microsoft Office vulnerabilities CVE-2017-11882 and CVE-2018-0802. The Agent Tesla core module can collect sensitive information from the victim’s device that may include the saved credentials, keylogging information, and device screenshots.

CVEs

CVE-2018-0802', 'CVE-2017-11882

Severity

High

Posted On

Sep 07, 2023

Outbreak Report Link

https://www.fortiguard.com/outbreak-alert/agent-tesla-malware-attack

 

Contributors