Beware: Malware Variant Learns To Swipe Passwords From Browsers And VPNs


So, if stressing about network security wasn’t already adding to the woes of 2020, it has been discovered that a popular malware has more or less “upgraded” itself.

When we say “upgraded”, we mean that it has taught itself to harvest passwords and credentials from browsers like Google Chrome and Firefox, email clients, and VPNs. Unfortunately, these are just a few of the applications it will target.

The original version of this malware, called ‘Agent Tesla’, was discovered approximately 6 years ago and security researchers have been monitoring its growth over the past year.

Sentinel Labs explains:

“The malware was initially sold in various underground forums and marketplaces, as well as its very own site (now defunct). Agent Tesla, like many of its contemporaries, offered both the malware itself as well as a management panel for administration and data collection and management. Information harvested from infected devices quickly becomes available for the attacker via the panel interface.”

Agent Tesla gained its popularity through its affordability. But who would want to buy malware? A light article on the Kaspersky website touches on this: vandals, people who seek to steal financial or other personal information, and people who just seek infamy.

At present, Agent Tesla has been found to not be very “sophisticated in its delivery”. It is mainly delivered through phishing campaigns and bogus emails (recently, one posing as an update from WHO on Covid-19) and special Office documents.

“In addition to stealing login credentials from various legitimate software, Agent Tesla is also a keylogger. In fact, installing a keylogger is one of the first things it does after infecting a system. It can also steal Wi-Fi passwords.”

To protect yourself, and others who may share your computer or network, it’s best to practice intelligence and caution when operating computers.

Be careful not to open any documents sent from an unknown source (you may have seen ones with the subject “Your outstanding invoice” or something similar), be cautious of any links sent to you via email or social media, and also, be wary of bots. Technology is evolving to the point where bots are cleverly disguised.

Be wary, spread awareness through your workplace, and make sure that your antivirus is a good one!