'Transcrop Bank' Email Virus

The 'Transcrop Bank' email virus is the name to a spam email campaign delivering malware-laced files. The fraudsters disseminate countless misleading email messages in an attempt to trick users into opening attached files that carry a malware threat called Agent Tesla RAT.

The fake emails are designed to attract the attention of unsuspecting users immediately, by claiming that recipients have a large transaction of $150,000 from 'Transcrop Bank' that is waiting to be completed. To receive the money, however, users have to verify their information, otherwise, the fake bank will not be held responsible if the money goes somewhere else. Of course, there is no such transaction, as all the claims made in the email are false complete and entirely. The only purpose of the email is to entice users into executing either of the two attachments. The files have official-sounding names such as 'Bank Verification Slip.exe' or 'Invoice.exe' but their only goal is to deploy the Agent Tesla RAT onto the user's computer.

This Week In Malware Episode 35 Part 1: Tesla RAT (Agent Tesla) Malware Gets New Password Stealing Abilities

If the RAT is deployed successfully it will grant significant control over the compromised machine to the hackers behind the 'Transcrop Bank' email virus tactic. Like most backdoor threats, Agent Tesla can be used to execute arbitrary commands, gather and exfiltrate sensitive private information or to download or upload files.

Users should always be extremely careful when dealing with emails coming from unknown senders if they contain some 'too-good-to-be-true' sounding offers, especially.