Hit enter to search

ToxicEye RAT Exploiting Telegram Platform

April 29, 2021

ToxicEye operators are utilizing Telegram to maintain control of their malware. The RAT exploits the instant messaging service as a part of C2 infrastructure to conduct excessive data theft.

The attack chain begins with the establishment of a Telegram account and the installation of a bot. The bot is embedded within the malware's configuration for malicious purposes.