This Tesla Attack Wants Your Data — What You Need To Know


Forbes, 20-04-2025

Beware this new Agent Tesla threat.
Tesla has undoubtedly been in the news a lot since Elon Musk started implementing the whole DOGE thing, leading to protests against the electric vehicle giant, including some that have been branded as acts of domestic terrorism by the Trump administration. This latest Tesla attack, however, has nothing to do with Musk or his cars, although it does bear some comparison with DOGE, as it does want information.
Here's everything you need to know about the new Agent Tesla malware attacks.
The primary goal of any threat campaign is to deploy whatever the payload might be, from infostealer malware and ransomware to flash drive compromise. The secondary goal, I guess, is to do so without anyone being able to detect the attack and intervene to stop it. There is a case for switching those priorities around, as without the latter, the former isn't possible. But that is by the by. Sophisticated multi-stage attack campaigns are fast becoming the norm, not least as they will often use complex mechanisms to deliver their payloads in order to evade detection and bypass traditional security protections. One such campaign has been reported by threat intelligence analysts from the Unit 42 research labs at Palo Alto Networks, and it delivers Agent Tesla malware to steal your sensitive information.
The campaign begins with victims being sent emails with attached archives. 'These archives contain script-based malware that ultimately infects a host with the final malware,' Unit 42 said, with the phishing lure apparently involving that old chestnut of reviewing an attached order document or invoice for a payment that had supposedly been made.
Opening this attachment executes a JavaScript-encoded file that downloads and launches a PowerShell script, executed from the system temp directory to increase stealthiness. There are then two distinct routes that the threat can follow: either a .NET executable or an AutoIt dropper. The type of malware that the user gets infected with will depend on which is used. 'By stacking simple stages instead of focusing on highly sophisticated techniques,' Unit 42 warned, 'attackers can create resilient attack chains that complicate analysis and detection.'
The Unit 42 threat intelligence researchers observed Remcos RAT and XLoader being deployed by this particular campaign, but said that multiple Agent Tesla malware family variants were also used.
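The stacked stages described above (a script file, then PowerShell run from a temp directory, then a dropped executable) leave a parent/child trail in process-creation telemetry. The Python below is an added example, not code from Unit 42 or Forbes; the event field names, sample records and file names are constructed for illustration.

```python
import re
from ntpath import basename  # split Windows paths correctly on any OS

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}
JS_ARG = re.compile(r'\.jse?(?=["\s]|$)', re.I)  # a .js or .jse argument
TEMP_PS1 = re.compile(                           # a .ps1 under a temp directory
    r'(?:\\appdata\\local\\temp|\\windows\\temp|%temp%|\$env:temp)\\[^"|;]*\.ps1\b',
    re.I)

def find_staged_chains(events):
    """Flag script host (.js/.jse) -> PowerShell running a .ps1 from a temp
    directory, and list what that PowerShell process started next."""
    by_pid = {e["pid"]: e for e in events}  # assumes PIDs are unique in the window
    findings = []
    for ev in events:
        if basename(ev["image"]).lower() not in POWERSHELL:
            continue
        ps1 = TEMP_PS1.search(ev["cmdline"])
        parent = by_pid.get(ev["ppid"])
        if not ps1 or parent is None:
            continue
        if basename(parent["image"]).lower() not in SCRIPT_HOSTS:
            continue
        if not JS_ARG.search(parent["cmdline"]):
            continue
        findings.append({
            "script_host_pid": parent["pid"],
            "powershell_pid": ev["pid"],
            "temp_script": ps1.group(0),
            "children": [basename(c["image"]) for c in events
                         if c["ppid"] == ev["pid"]],
        })
    return findings

# Constructed sample events (hypothetical field names: pid, ppid, image, cmdline).
SAMPLE_EVENTS = [
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\wscript.exe",
     "cmdline": r'wscript.exe "C:\Users\alice\Downloads\order\invoice.jse"'},
    {"pid": 300, "ppid": 200,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\Users\alice\AppData\Local\Temp\stage2.ps1"},
    {"pid": 400, "ppid": 300, "image": r"C:\Users\alice\AppData\Local\Temp\payload.exe",
     "cmdline": r"C:\Users\alice\AppData\Local\Temp\payload.exe"},
    # Benign: administrator runs a script from a fixed tools folder.
    {"pid": 500, "ppid": 100,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
    # Benign: logon script starts PowerShell, but not from a temp directory.
    {"pid": 600, "ppid": 100, "image": r"C:\Windows\System32\cscript.exe",
     "cmdline": r"cscript.exe C:\Corp\logon.js"},
    {"pid": 700, "ppid": 600,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r'powershell.exe -File "C:\Program Files\Corp\inventory.ps1"'},
]

if __name__ == "__main__":
    for finding in find_staged_chains(SAMPLE_EVENTS):
        print(finding)
```

Each stage on its own is common on Windows hosts; the correlation across parent, child and temp-directory path is what separates the chain from the two benign cases in the sample.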
Agent Tesla is a remote access trojan that is capable of harvesting all sorts of sensitive data, making it an extremely effective infostealer tool. The malware has been known to grab everything from usernames and password credentials to contact information and financial data, along with browser history, screenshot captures, data from email clients, and even keystroke recordings. Agent Tesla is also adept at intercepting communications, including email and chat messages.
According to Kriti Awasthi at Fidelis Security, you can mitigate Agent Tesla attacks by ensuring email security and phishing awareness, employing multi-layer security, regularly updating software and firmware against known vulnerabilities and using strong authentication and access controls.
