KryptoCibule is a new malware family that is fully focused on getting as much cryptocurrency as possible from its victims. It steals wallets, hijacks transactions, and starts mining on infected machines. The malware has managed to stay under the radar for almost two years, extending its functionality with each new version. It relies heavily on the Tor network to communicate with its command and control (C2) servers. It spreads via malicious torrents in archives pretending to install software for pirated versions of popular software and games.
Source: https://www.bleepingcomputer.com/news/security/kryptocibule-malware-dodges-antivirus-to-steal-cryptocurrency/