Lazarus APT targets professionals in the crypto and financial industries with the "OtterCookie" stealer malware

2025-06-06 02:48:22
SlowMist said in a post on the X platform that it has recently received intelligence that North Korea's Lazarus APT (Advanced Persistent Threat) group is using a new stealer malware called "OtterCookie" to target professionals in the cryptocurrency and financial industries.
Attack methods:
Fake job interviews/investor calls
Using deepfake videos to impersonate recruiters
Disguising malware as a "programming challenge" or "update"
Data stolen:
Login credentials stored in the browser
Passwords and certificates in the macOS keychain
Wallet information and private keys
Security advice:
Be vigilant against unsolicited job/investment offers and remote interviews.
Never run unknown binaries, especially those masquerading as "technical challenges" or "update packages."
Enhance EDR (endpoint detection and response) capabilities and monitor for abnormal activity.
Use antivirus tools and regularly audit your endpoints.
Be vigilant - verify before you trust.