The PsiXBot malware has made a few changes in recent weeks, including implementing Google s DNS over HTTPS (DoH) and adding the blackmail-ready PornModule to its bag of tricks. The malware is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and cookies, spreading spam, mining for cryptocurrency and fingerprinting infected machines. Version 1.0.3 of the malware is spreading via the Spelevo exploit kit.
Source: https://threatpost.com/psixbot-pornmodule-google-dns/148142/