Crimeware

Agent Tesla Malware

Keyloggers are nothing new, but Agent Tesla takes the simple keylogger to new levels. Among other capabilities, Agent Tesla can steal passwords from all major browsers and, at timed intervals, capture the victim’s keystrokes, snapshots of their desktop, and pictures from their webcam, all while remaining undetected on the victim’s computer. Only Windows computers can be affected, not those running Apple iOS or Linux.

Although Agent Tesla has been around since 2014, its popularity has recently increased, with more than 6,300 customers paying subscription fees to license the malware. This type of product, known as malware as a service (MaaS), doesn’t require criminals to have extensive coding or technical knowledge. They can simply buy the malware off the shelf, then distribute it to their victims. With MaaS, bad guys can launch a criminal empire at prices starting at under $10.

The website selling Agent Tesla stated that the software was only to be used to monitor your own computer and that Agent Tesla “is not a malware. Please, don’t use for computers which is not access permission.” However, the site and its support channel also told users how to avoid detection and how to bundle the program inside other file types, including images, audio, text and Microsoft Office files.

The website has now stopped selling Agent Tesla to new customers, and its operators claim to be making changes to the software to prevent its use by “malicious people.” That means that while new sales, updates and technical support are not currently available, Agent Tesla is still out there “in the wild” and able to infect more machines. And it is certainly possible that the criminals behind it will pop up again.

The complexity of Agent Tesla can make it difficult to identify and remove. The best way to deal with keyloggers and malware such as Agent Tesla is not to get infected in the first place. That means keeping anti-virus and anti-malware programs up to date, not opening unknown attachments and being cautious about clicking on unknown links.