Toxiceye.rar

Can delete, transfer, or encrypt files for ransom (AES-256 encryption).

Look for the file path C:\Users\ToxicEye\rat.exe on your system. ToxicEye.rar

The malware communicates back to the attacker via the Telegram API, which often bypasses enterprise security because Telegram is seen as a "trusted" service. Signs of Infection & Protection Can delete, transfer, or encrypt files for ransom

The malware grants attackers nearly full control over a victim's machine: steal user data

For further technical details, researchers at Check Point Research and The Hacker News have published comprehensive analyses of this threat. ToxicEye RAT hits Telegram app to spy, steal user data