Hijacks the PC’s microphone and camera to record audio and video.
The file is sent via phishing emails. If opened, it installs a hidden file at C:\Users\ToxicEye\rat.exe . ToxicEye.rar
Watch for unusual traffic to Telegram servers from devices that do not have the app installed. Hijacks the PC’s microphone and camera to record
is a multi-functional Remote Access Trojan (RAT) that uses Telegram as its command-and-control (C2) infrastructure. This malware is typically spread through phishing emails containing a malicious executable file disguised as legitimate documents (e.g., "paypal checker by saint.exe"). Core Capabilities and clipboard contents.
Steals credentials, browser history, cookies, and clipboard contents.