A new info stealer is being released in the wild by Russian threat actors that uses fake crypto-related job offerings.
Here is the attack chain:
They send 2 files on the pretext that they are looking for someone to hire.
a. Interview questions.txt
b. Interview conditions.word.exe - this is the first stage of the attack, as it contains the loader. Once it is installed on your machine, it will download the second payload.
The 3rd and final stage is the Enigma Stealer.
Enigma targets system information, tokens, and passwords stored in web browsers like Google Chrome, Microsoft Edge, Opera, and more. Additionally, it targets data stored in Microsoft Outlook, Telegram, Signal, OpenVPN, and other apps.
So if you receive emails like this, do not open them, especially if you use your machine for your crypto activity, as it might steal all your info like logins and passwords.
https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html
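
An added example, not part of the original post or the Trend Micro report: a Python check that a mail filter or triage script could run on attachment names to flag the double-extension pattern seen in "Interview conditions.word.exe". The extension and decoy-token lists, the reason labels and the function name are assumptions chosen for illustration and are not exhaustive.

```python
import re
import unicodedata

# Assumption: extensions Windows runs directly (not an exhaustive list).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "lnk", "msi", "hta"}
# Assumption: tokens that make a name read like a document to the recipient.
DECOY_TOKENS = {"doc", "docx", "word", "pdf", "txt", "rtf", "xls", "xlsx", "jpg", "png"}
# Bidirectional control characters that can visually reorder a file name.
BIDI_CONTROLS = {"\u202a", "\u202b", "\u202d", "\u202e", "\u2066", "\u2067", "\u2068"}


def check_attachment_name(name):
    """Return the reasons an attachment name looks deceptive (empty list if none)."""
    reasons = []
    if any(ch in BIDI_CONTROLS for ch in name):
        reasons.append("bidi-control-character")
    # Drop invisible format characters, then trailing dots and spaces,
    # which Win32 path handling strips from file names.
    cleaned = "".join(ch for ch in name if unicodedata.category(ch) != "Cf")
    cleaned = cleaned.rstrip(". ").lower()
    parts = cleaned.split(".")
    if len(parts) < 2 or parts[-1].strip() not in EXECUTABLE_EXTS:
        return reasons
    reasons.append("executable-extension")
    # Decoy token directly before the real extension, e.g. "name.word.exe".
    if len(parts) >= 3 and parts[-2].strip() in DECOY_TOKENS:
        reasons.append("document-decoy-before-executable")
    # A run of spaces that pushes the real extension out of view.
    if re.search(r"\s{5,}\.[^.]+$", cleaned):
        reasons.append("padding-before-extension")
    return reasons


if __name__ == "__main__":
    # Constructed sample names; the first two are the file names given in the post.
    samples = [
        "Interview questions.txt",
        "Interview conditions.word.exe",
        "offer.pdf          .exe",
        "setup.exe",
    ]
    for sample in samples:
        print(repr(sample), "->", check_attachment_name(sample) or "no findings")
```

A plain `setup.exe` only gets the `executable-extension` reason, so a filter can treat the decoy, padding and bidi reasons as the higher-confidence signals.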