Overview

Agent Tesla is a Remote Access Trojan (RAT) and has been available for purchase on hacker forums since 2014. It is designed to record keystrokes and steal confidential bank card data. The malware has a range of functionalities, including extracting data from infected hosts, stealing passwords from applications and browsers, as well as downloading and launching applications on the target systems.

Agent Tesla is sold on underground forums in three different renditions – Bronze, Silver, Gold at the average price of $9, $20, and $30 respectively. It is written in .NET, supports all Windows versions and is routinely spread through phishing campaigns but has also been known to be distributed via USB.

Intelligence gathering has revealed that Agent Tesla has operated at a high level since October 2023 and has demonstrated a consistent increase within Q1 2024.