Agent Tesla ramps up its game in bypassing security walls, attacks endpoint protection

The malware now attempts to disable Microsoft antivirus protection.
Written by Charlie Osborne, Contributing Writer

Agent Tesla malware variants are now using new techniques to try to disable endpoint antivirus protection.

On Tuesday, Sophos researchers said that two new variants of the Remote Access Trojan (RAT) are targeting Microsoft Anti-Malware Software Interface (AMSI), scanning and analysis software designed to prevent malware infections from taking hold. 

Agent Tesla operators will now attempt to tamper with AMSI to degrade its defenses and remove endpoint protection at the point of execution. If successful, this allows the malware to deploy its full payload. 
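As an added example (not from the article, from Sophos, or from the malware's authors), here is a defender-side PowerShell check that verifies AMSI is still enforcing inside a PowerShell host, the control that the tampering described above is meant to defeat. It assumes a Windows endpoint with an AMSI-registered antivirus provider such as Microsoft Defender; the test string is Microsoft's published AMSI test sample, and the error id the script matches on is an assumption about what PowerShell reports when AMSI blocks content.

```powershell
# Added example: AMSI health check for defenders (not the article's or Sophos' code).
# Assumes Windows PowerShell 5.1 or PowerShell 7 on Windows with an AMSI-registered
# antivirus provider. The marker is Microsoft's published AMSI test sample; on a
# healthy host, evaluating it is blocked before it runs.

function Test-AmsiHealth {
    [CmdletBinding()]
    param()

    # 1. Is amsi.dll loaded in this process? PowerShell loads it at startup when a
    #    provider is available. A missing module points at tampering, or at an
    #    endpoint with no AMSI provider at all; either way it deserves a look.
    $amsiModule = [System.Diagnostics.Process]::GetCurrentProcess().Modules |
        Where-Object { $_.ModuleName -ieq 'amsi.dll' }

    # 2. Assemble the test sample at runtime from two halves. If the full literal
    #    sat in this file, AMSI would block the script itself before it ran.
    $marker = 'AMSI Test Sample: ' + '7e72c3ce-861b-4339-8740-0ac1484c1386'

    $blocked = $false
    $detail  = 'test sample executed without being blocked'
    try {
        # Content handed to Invoke-Expression is scanned by AMSI before it is parsed,
        # so a working AMSI stack turns this into a terminating error.
        $null = Invoke-Expression "'$marker'"
    }
    catch {
        # Assumed error id: the id PowerShell reports when AMSI blocks script content.
        if ($_.FullyQualifiedErrorId -like 'ScriptContainedMaliciousContent*') {
            $blocked = $true
            $detail  = 'AMSI blocked the test sample as expected'
        }
        else {
            $detail = "unexpected error: $($_.FullyQualifiedErrorId)"
        }
    }

    # A healthy host has amsi.dll loaded AND blocks the sample. Anything else means
    # either no provider is registered or something has degraded AMSI.
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        AmsiLoaded   = [bool]$amsiModule
        AmsiBlocking = $blocked
        Healthy      = ([bool]$amsiModule -and $blocked)
        Detail       = $detail
    }
}

# Usage: run on the endpoint and forward the result object to your monitoring pipeline.
Test-AmsiHealth | Format-List
```

Running this from a scheduled task or an EDR script runner and alerting whenever `Healthy` is false gives a cheap tripwire for AMSI degradation. Note that AMSI is initialized per process, so a healthy result in this PowerShell host does not rule out tampering inside another process; it only tells you the provider is registered and responding on this machine.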

First discovered in 2014, Agent Tesla is a commercial RAT written in .NET and a well-known information stealer. The malware is often spread through phishing campaigns and malicious email attachments and is used to harvest account credentials, steal system data, and give attackers remote access to a compromised PC.

Phishing email samples include package delivery notices, attachments claiming to be catalogs, and offers of PPE related to COVID-19; when used against organizations, the lures may also relate to business-critical issues such as invoicing.

Sophos says that the malware, which is under constant development, includes a .NET downloader that fetches malicious code hosted on legitimate websites, including Pastebin, where it is published in base64-encoded and obfuscated form.

These "chunks" of code are merged, decoded, and decrypted to form the main loader.

If AMSI has been successfully disarmed, the loader is installed and can run without interference, deploying Agent Tesla in full to take screenshots, log keystrokes, steal clipboard contents, and grab credentials from browsers, email clients, apps, and more.

Other updates to the malware, labeled Tesla 2 and 3, include an increased number of applications on the hit-list for credential theft and enhanced obfuscation, as well as options for operators to use the Tor client and Telegram's messaging API when connecting to command-and-control (C2) servers.

Target applications include Opera, Chromium, Chrome, Firefox, OpenVPN, and Outlook.

"The differences we see between v2 and v3 of Agent Tesla appear to be focused on improving the success rate of the malware against sandbox defenses and malware scanners, and on providing more C2 options to their attacker customers," the researchers say.

Criminal clients can also choose to maintain persistence by executing the malware at system startup, and can remotely uninstall Agent Tesla if they wish. If a past version of the malware is detected on the target system and the persistence option is selected, both versions 2 and 3 will remove it.

Sophos says that in December 2020, Agent Tesla payloads accounted for approximately 20% of all malicious email attachments. 
