Attacks deploying the Agent Tesla and Taskun malware strains have been launched against U.S. government agencies and educational institutions, reports Hackread.
Intrusions commence with the distribution of phishing emails with malicious attachments leveraging widespread security flaws, including Microsoft Office vulnerabilities, to deliver the Taskun malware that compromises system integrity and facilitates persistence for Agent Tesla, a report from Veriti revealed.
Such a process ensures that Agent Tesla can proceed with login credential, keystroke, and screenshot exfiltration without being detected by security systems, according to researchers. Similar tactics have been leveraged in previous intrusions involving the TicTacToe Dropper that enabled Agent Tesla, SnakeLogger, Remcos, LokiBot, and RemLoader infections in Windows systems.
Significant data breaches that could arise from successful attacks using the malware strains have prompted researchers to recommend that government and education sectors ensure the adoption of a multi-layered security approach, which includes timely and regular patching and robust cybersecurity awareness training.
