New AgentTesla Variant Exploits FTP for Data Exfiltration

New AgentTesla variant exploits FTP for data exfiltration. A recent analysis reveals a new variant of the AgentTesla malware that utilizes FTP notes for data exfiltration. The malware is distributed via password-protected zip files, with a new password scheme detailed on the website’s “about” page. The report includes associated files such as indicators of compromise (IOCs), email samples, and packet capture data, highlighting the malware’s persistence on infected Windows hosts. Visual aids, including screenshots and traffic analysis from Wireshark, provide further insight into the malware’s operation and impact.