{"id":224927,"date":"2023-04-24T09:43:57","date_gmt":"2023-04-24T13:43:57","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=285023"},"modified":"2025-07-01T19:25:14","modified_gmt":"2025-07-02T02:25:14","slug":"this-works-agent-tesla-trojan-steals-chats-whatsapp-passwords-personal-data","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/this-works-agent-tesla-trojan-steals-chats-whatsapp-passwords-personal-data\/","title":{"rendered":"How Agent Tesla, the Trojan that steals WhatsApp chats, passwords and personal data works"},"content":{"rendered":"\n

WhatsApp<\/strong> is one of the most used apps in the world. The app that years ago allowed us to stop relying on expensive SMS (they still exist) enjoys great popularity both in Spain and in Latin America<\/strong>, where Android<\/strong> phones are the majority. But WhatsApp also has a big problem: it is a magnet for cybercriminals.<\/p>\n\n\n

\r\n
\r\n
\r\n
\r\n \"WhatsApp\"\r\n <\/div>\r\n
\r\n WhatsApp<\/span>\r\n DOWNLOAD<\/a>\r\n <\/div>\r\n
\r\n <\/path><\/path><\/text><\/svg>\r\n <\/div>\r\n <\/div>\r\n
\r\n <\/span>\r\n <\/div>\r\n
\r\n \r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n\n\n\n

There are more and more dangers to which we are exposed by the simple fact of using WhatsApp. From scams and frauds such as the “code sent by mistake”<\/strong><\/a>, to the spread of different types of malware<\/strong>, either simply to cause damage to the device or to steal personal data and passwords.<\/p>\n\n\n\n

Recently, an investigation conducted by ESET<\/a><\/strong>, a cybersecurity company known for its antivirus: ESET NOD32,<\/strong> discovered the presence of a new malware<\/strong> that is affecting a multitude of people in various Latin American countries. Its purpose? To infect devices in order to steal passwords, take screenshots in apps such as WhatsApp<\/strong> and steal other data that would then be sent to cybercriminals.<\/p>\n\n\n

\r\n
\r\n
\r\n
\r\n \"ESET\r\n <\/div>\r\n
\r\n ESET NOD32 Antivirus<\/span>\r\n DOWNLOAD<\/a>\r\n <\/div>\r\n
\r\n <\/path><\/path><\/text><\/svg>\r\n <\/div>\r\n <\/div>\r\n
\r\n <\/span>\r\n <\/div>\r\n
\r\n \r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n\n\n\n

The Trojan, known as Agent Tesla<\/strong>, spreads via phishing emails, in which the attackers impersonate real courier companies<\/strong>, even simulating the elements that make up the emails. In these, the user is told that there is a problem with a delivery and that they should download an attachment or click on a link<\/strong>. If we do so, the Trojan will infect our device.<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Once the Trojan is on the victim’s device, it can take screenshots of all your WhatsApp conversations<\/strong> (looking for passwords and personal data), save your keystrokes, steal browser passwords<\/strong> or even obtain information from the victim’s device.<\/p>\n\n\n

\r\n
\r\n
\r\n
\r\n \"WhatsApp\"\r\n <\/div>\r\n
\r\n WhatsApp<\/span>\r\n DOWNLOAD<\/a>\r\n <\/div>\r\n
\r\n <\/path><\/path><\/text><\/svg>\r\n <\/div>\r\n <\/div>\r\n
\r\n <\/span>\r\n <\/div>\r\n
\r\n \r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n\n\n\n

As always in cases of scam and phishing, to prevent your device from being infected with malware you should check the sender’s address<\/strong>. The vast majority of malicious emails present addresses with strange domains<\/strong> that either do not correspond to the company they are impersonating, or are simply a series of random numbers and letters.<\/p>\n\n\n\n

Some of the links added in the article are part of affiliate campaigns and may represent benefits for Softonic.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

A new type of Trojan known as Agent Tesla is capable of taking screenshots of WhatsApp conversations or stealing passwords.<\/p>\n","protected":false},"author":9256,"featured_media":224930,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[2333],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-224927","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-app-subdomain-redirectionwhatsapp"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/224927","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9256"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=224927"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/224927\/revisions"}],"predecessor-version":[{"id":320782,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/224927\/revisions\/320782"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/224930"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=224927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=224927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=224927"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=224927"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=224927"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=224927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}