Hackers Stealing WiFi Password Using New AgentTesla Malware approved cc shop, cvv carding sites

Researchers uncovered a new malware variant of AgentTesla used by threat actors to steal WiFi Password and data from different applications such as browsers, FTP clients, and file downloaders.
AgentTesla initially observed in 2014, Since then the malware frequently used by various threat actor groups, and performed multiple cyber-attacks around the globe.
We have reported the  AgentTesla Activities  last year while it was attempted to steal the username-password and log keystroke from various Windows applications.
Attackers using the different modules in this campaign, one of the modules has the capability of stealing Wi-Fi passwords.
Recent activities of the malware observed during March and April 2020, and the actors using the malspam campaigns as a medium and distribute malware in various formats such as ZIP, CAB, MSI, IMG files, and Office documents.
AgentTesla info stealer written in .Net, and the researchers saw its activities in wide that collect the information about the victim’s WiFi profile and possibly spread into other machines.
Attack distributed the embedded executable Variant as an encrypted image resource named (ReZer0V2) that can extract and execute one of the victim’s machine in the run time.
Attackers added anti-debugging, anti-sandboxing, and anti-virtualization checks before executing the variant in the victim’s machine. Once it performed all the checks, it executable decrypts and injects the content.
Later it drops the second payload (owEKjMRYkIfjPazjphIDdRoPePVNoulgd) which is heavily obfuscated and it is the main component that responsible for stealing credentials from browsers, FTP clients, wireless profiles, and more.
Later attackers extract the WiFi password in plan text by applying the “netsh wlan show profile PRPFILENAME key=clear”.
In addition to that, AgentTesla collecting the system information including FTP clients, browsers, file downloaders, and machine info (username, computer name, OS name, CPU architecture, RAM) and send them into the attackers via C2 server.
AgentTesla has some of the other capabilities in the previous variants including Logs keystrokes and is listed in the  top 10 most wanted malware families  in 2020.
Researchers also belives that the actors expact the operation of AgentTesla since they have added this WiFi stealing feature.
approved cc shop cvv carding sites

Author: wpadmin