‘Agent Tesla’ on the prowl; can steal key info from your devices

Our Bureau Hyderabad | Updated on February 11, 2021

Post gaining access to the target computer, the malware can capture information as the victim keys in, for example, passwords

Cyber security experts have unearthed a sophisticated information-stealing malware, which is being spread through malicious emails.

After getting access to the target computer, the malware can capture information as the victim keys in, for example, passwords.

Though not something new, the malware, called Agent Tesla, continues to remain a challenge.

Cyber security solutions firm Sophos said that the seven-year-old Agent Tesla steals information from web browsers, email clients, virtual private network (VPN) clients, and other software that stores usernames and passwords.

“It can capture keystrokes while users are typing and record screenshots, so it can see what is on their screen,” a new Sophos report said.

The more recent version of the info-stealer can use the Telegram messaging service to communicate with its operators. It also tries to alter software code to block security protection.

“Agent Tesla malware has been active for more than seven years. Yet it remains one of the most common threats to Windows users,” Sean Gallagher, senior security researcher at Sophos, said.

“The most widespread delivery method for Agent Tesla is malicious spam attachments. The email accounts used to spread Agent Tesla are often legitimate accounts that have been compromised,” he said.

Sophos has advised users to treat email attachments from unknown senders with caution.


Sophos has advised users to secure their devices well, and screen, detect and block suspicious emails and their attachments.

“You should never open attachments or click on links in emails from unknown senders,” it said.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on February 11, 2021
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.