"New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks"

A lure file with the ZPAQ compression format is being used to deliver a new Agent Tesla malware variant to gather data from several email clients and about 40 web browsers. Agent Tesla, which first appeared in 2014, is a keylogger and Remote Access Trojan (RAT) written in .NET that is offered to other threat actors via a Malware-as-a-Service (MaaS) model. According to G Data malware analyst Anna Lvova, ZPAQ is a file compression format with a better compression ratio and journaling function than popular formats such as ZIP and RAR. This means ZPAQ archives can be smaller, which saves storage space and bandwidth when transferring files. However, the biggest disadvantage of the ZPAQ is its limited software support. This article continues to discuss the new Agent Tesla malware variant using ZPAQ compression.

THN reports "New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks"

Submitted by grigby1 

Submitted by Gregory Rigby on