  • Clipeus

Agent Tesla Weaponizes ZPAQ

G-Data Software reports new TTPs linked to Agent Tesla, one of the most popular information stealers. The Agent Tesla samples were delivered as archives in the ZPAQ compression format, an unusual choice that raised a hypothesis about the campaign: the attacker, who remains to be identified, may be targeting a specific group of technical users. ZPAQ is an open-source tool that is available for any Linux or Windows system. The samples that were identified and analyzed use Telegram, FTP, and SMTP for data exfiltration.

