Remote Access Trojans have been on the rise in recent years and have become more common than other kinds of malware worldwide. In particular, since the COVID-19 outbreak began, the Agent Tesla remote-access trojan (RAT) has successfully exploited fear of the pandemic and has added a number of features. Agent Tesla first came on the scene nine years ago and featured in more attacks in the first half of 2020 than the well-known malware threats TrickBot or Emotet, primarily targeting businesses.
Agent Tesla mainly performs keylogging and data theft. The newer binaries offer more robust spreading and injection methods and can steal wireless network details and credentials. Agent Tesla can also harvest configuration data and credentials from a number of common VPN clients, FTP and email clients, and web browsers, including Apple Safari, Google Chrome, Edge, Mozilla Firefox, Mozilla Thunderbird, OpenVPN, Opera Mail and many others.
Another new feature of this old Remote Access Trojan is that variants can now fetch secondary executables to install on the victim's machine and then inject code into those second-stage binaries as a detection-evasion technique.
In one campaign, researchers observed Agent Tesla dropping a copy of RegAsm.exe and injecting additional code into it; RegAsm.exe then handled the main data-harvesting and exfiltration functions. The injection is performed through process hollowing, in which sections of system memory are unmapped and that space is then reallocated with malicious code.
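A defender can hunt for the RegAsm.exe behaviour described above in endpoint telemetry. The following is an added example, not code from the researchers or the original article: it triages constructed events loosely modelled on Sysmon process-creation (ID 1) and network-connection (ID 3) records, and every host name, path and address in the sample data is made up. The three checks are heuristics chosen for this example, assuming the genuine binary lives under the .NET Framework directories.

```python
import ntpath
import re

# Directories where the genuine, Microsoft-shipped RegAsm.exe normally lives.
LEGIT_DIR = re.compile(r"^c:\\windows\\microsoft\.net\\framework(64)?\\v[\d.]+$", re.I)

# Constructed sample events (not from the article); field names are assumptions
# loosely following Sysmon event IDs 1 (process create) and 3 (network connect).
SAMPLE_EVENTS = [
    {"id": 1, "host": "WS-01", "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe",
     "cmdline": r"RegAsm.exe C:\build\Interop.dll /codebase"},
    {"id": 1, "host": "WS-02", "image": r"C:\Users\alice\AppData\Local\Temp\RegAsm.exe",
     "cmdline": r"C:\Users\alice\AppData\Local\Temp\RegAsm.exe"},
    {"id": 3, "host": "WS-02", "image": r"C:\Users\alice\AppData\Local\Temp\RegAsm.exe",
     "dest": "203.0.113.10:443"},
    {"id": 1, "host": "WS-03", "image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe",
     "cmdline": "RegAsm.exe"},
    {"id": 1, "host": "WS-04", "image": r"C:\Windows\System32\notepad.exe", "cmdline": "notepad.exe"},
]

def has_arguments(cmdline):
    """True if anything follows the (optionally quoted) executable token."""
    m = re.match(r'\s*(?:"[^"]*"|\S+)\s*(.*)$', cmdline)
    return bool(m and m.group(1).strip())

def triage(events):
    """Return (host, reason) findings for RegAsm.exe activity worth a look."""
    findings = []
    for ev in events:
        directory, name = ntpath.split(ev["image"])
        if name.lower() != "regasm.exe":
            continue
        # A dropped copy runs from somewhere other than the framework folder.
        if not LEGIT_DIR.match(directory):
            findings.append((ev["host"], "copy outside .NET Framework directory"))
        # Legitimate use registers an assembly, so it needs an argument.
        if ev["id"] == 1 and not has_arguments(ev["cmdline"]):
            findings.append((ev["host"], "started with no assembly argument"))
        # An assembly registration tool has little reason to talk to the network.
        if ev["id"] == 3:
            findings.append((ev["host"], "outbound connection to " + ev["dest"]))
    return findings

if __name__ == "__main__":
    for host, reason in triage(SAMPLE_EVENTS):
        print(host, "-", reason)
```

The no-argument check also covers a hollowed instance of the genuine binary started from its normal location, which the path check alone would miss.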
Other changes have been observed in the way the malware executes. After the code is launched, the malware gathers local system information, installs the keylogger, and then starts its routines for discovering and harvesting data. During this stage, the malware looks up wireless network settings and credentials.
Although Agent Tesla has been around for several years now, attackers keep developing new ways to use it while staying anonymous and avoiding detection.