
US government, education sectors subjected to joint malware attack campaign


Attacks deploying the Agent Tesla and Taskun malware strains have been launched against U.S. government agencies and educational institutions, reports Hackread.

Intrusions begin with phishing emails carrying malicious attachments that exploit widespread security flaws, including Microsoft Office vulnerabilities, to deliver the Taskun malware, which compromises system integrity and facilitates persistence for Agent Tesla, according to a report from Veriti.

This process lets Agent Tesla exfiltrate login credentials, keystrokes, and screenshots without being detected by security systems, according to researchers. Similar tactics were used in previous intrusions involving the TicTacToe Dropper, which enabled Agent Tesla, SnakeLogger, Remcos, LokiBot, and RemLoader infections on Windows systems.

Because successful attacks using these malware strains could lead to significant data breaches, researchers recommend that the government and education sectors adopt a multi-layered security approach that includes timely and regular patching and robust cybersecurity awareness training.
