The malware does not try to hide its presence in the system from antivirus programs and has not gained much popularity in the underground yet, indicating that it is a new player in the market.
PurpleFox is a modular Windows botnet malware with rootkit capabilities, allowing it to hide and persist on infected devices, and it can be used for activities like introducing more potent payloads and launching DDoS attacks.
It is speculated that the threat actors behind the attacks may be deploying an update to hide their presence, or a grey-hat hacker could be rebooting the devices to clear the implant.