Toxiceye.rar

Deploys keyloggers to record every keystroke. How the Attack Works Bot Creation: Attackers create a dedicated Telegram bot.

The file is sent via phishing emails. If opened, it installs a hidden file at C:\Users\ToxicEye\rat.exe . ToxicEye.rar

Steals credentials, browser history, cookies, and clipboard contents. Deploys keyloggers to record every keystroke

The malware grants attackers nearly full control over a victim's machine: steal user data

For further technical details, researchers at Check Point Research and The Hacker News have published comprehensive analyses of this threat. ToxicEye RAT hits Telegram app to spy, steal user data