Agent Tesla IOC Feed

Agent Tesla is an advanced malware that primarily serves as a keylogger, capturing and transmitting sensitive data such as usernames and passwords by monitoring keystrokes on an infected computer. In addition to keylogging, it can take screenshots, extract credentials from various software, and even act as a remote access tool for cybercriminals. This malware is notorious for its versatility, including the ability to exfiltrate data through multiple channels such as FTP, email, and Telegram, making it particularly effective at bypassing standard security measures.

First identified around 2014, Agent Tesla has continuously evolved, becoming more adept at evading detection and increasing its functionality. It is commonly spread through phishing emails, malicious attachments, or compromised websites. The ease of customization and adaptability of Agent Tesla make it a preferred choice among cybercriminals, posing a significant threat in cybersecurity.

Below you will find the most recent Agent Tesla Indicators of Compromise (IOC’s) from our Threat Intelligence Feed. In addition to the data below, our private Agent Tesla IOC feed contains additional data including C&C information. Please note the data below is intentionally delayed by 48 hours. For live data updated every minute, please sign up for a free trial.