From securityaffairs.co
Tox is a peer-to-peer serverless instant messaging services that uses NaCl for encryption and decryption.
Uptycs researchers reported that threat actors have started using the Tox peer-to-peer instant messaging service as a command-and-control server. Tox has been used in the last months by threat actors as a communication channel between ransomware gangs and their victims.
The researchers recently discovered an ELF sample that acts as a bot and can run scripts on the victim machine using the Tox protocol.