Researchers observed the HawkEye keylogger acting as the first-stage downloader for a cryptocurrency miner in a new phishing campaign. The attack began by sending out generic attack emails leveraging fake job applications as a theme. Instead, malicious actors used HawkEyes file installation feature to load a sample of CGMiner. This open-source cryptocurrency miner gave the attackers the ability to mine for different types of virtual currency across all operating systems. Security professionals can help protect enterprise data by crafting an identity and access management (IAM) strategy.”]