"Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users"

Russian threat actors have been targeting Eastern European users in the cryptocurrency industry with fake job postings, tricking them into installing information-stealing malware. The attackers use various highly obfuscated and under-development custom loaders to infect cryptocurrency industry participants with the Enigma stealer, Trend Micro analysts Aliakbar Zahravi and Peter Girnus reported. Enigma was found to be a modified version of Stealerium, an open-source C#-based malware that acts as a stealer, clipper, and keylogger. The infection process begins with the distribution of a malicious RAR archive file via phishing or social media. It comprises two documents, with one being a .TXT file containing a series of sample interview questions pertaining to cryptocurrencies. This article continues to discuss findings regarding new threats to cryptocurrency users. 

THN reports "Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users"