Agent Tesla RAT Uses New Tricks to Stay on Top

The Agent Tesla RAT (Remote Access Trojan) has become one of the most prevalent malware families threatening enterprises in the first half of 2020.

Although the Agent Tesla RAT has been around for at least 6 years, it continues to adapt and evolve, defeating many organizations’ security efforts.

Agent Tesla is, at its core, a keylogger and information stealer. First discovered in late 2014, there has been steady growth in the use of Agent Tesla over the last 1-2 years. The malware was initially sold in various underground forums and marketplaces. Agent Tesla, like many of its contemporaries, offered both the malware itself as well a management panel for administration and data collection and management. Information harvested from infected devices quickly becomes available for the attacker via the panel interface.

Like many other threats, the primary delivery mechanism for Agent Tesla is email (phishing messages). Attackers are often timely with their social engineering lures, and the current pandemic is not off limits to the attackers.

Detection and prevention are key to reducing exposure to these threats. The SentinelOne platform is fully capable of detecting and preventing Agent Tesla-based malware campaigns. SentinelOne is the only cybersecurity solution encompassing AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.

Read Jim Walter’s full article on the Tesla RAT here.

To learn more about SentinelOne’s Edge to Edge Enterprise Security Platform visit http://www.sentinelone.com or contact your local Exclusive Networks Account Manager.