Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.
Source: htdarkreading.com