Slow Mist: North Korea's Lazarus is using a new cryptographic Trojan called OtterCookie to launch targeted attacks against crypto practitioners
2025-06-06 02:51:23
The latest intelligence from the Slow Mist security team shows that the North Korean Lazarus hacker group is using a new type of theft Trojan called OtterCookie to launch targeted attacks against cryptocurrency and financial practitioners.
Total tactics include faking high-paying job interviews/investor talks, using depth fake videos to impersonate recruiters, and disguising malicious software as "programming test questions" or "system update packages."
The targets include login credentials saved by the browser, passwords and digital certificates in the macOS keychain, as well as encrypted wallet information and private keys.
SlowMist advises to be vigilant about unsolicited job offers/investment offers, remote interviews require multiple verifications, do not run executable files of unknown origin, especially so-called "technical test questions" or "update patches", strengthen end point protection (EDR), deploy antivirus software and regularly troubleshoot abnormal processes.
Total tactics include faking high-paying job interviews/investor talks, using depth fake videos to impersonate recruiters, and disguising malicious software as "programming test questions" or "system update packages."
The targets include login credentials saved by the browser, passwords and digital certificates in the macOS keychain, as well as encrypted wallet information and private keys.
SlowMist advises to be vigilant about unsolicited job offers/investment offers, remote interviews require multiple verifications, do not run executable files of unknown origin, especially so-called "technical test questions" or "update patches", strengthen end point protection (EDR), deploy antivirus software and regularly troubleshoot abnormal processes.
Previous article:
慢雾:朝鲜Lazarus正使用名为OtterCookie的新型窃密木马,针对加密从业者发起定向攻击Next article:
Sky联创过去2天使用质押奖励回购433万枚SKY7x24 Newsflash
Hot News
Cryptocurrency Payback Calculator - InstructionsVitalik: "DAO" means "project", "official" means "scam"Backpack Exchange已面向英国用户开放其服务派盾:NIBI同名代币发生Rug Pull,损失约31.39万美元香港金管局推出稳定币发行人沙盒CIAN与Lido合作,在Base上推出wstETH Hyper-Staking VaultGate.io 3月储备金总额突破60亿美元,额外储备金超8亿美元Polyhedra Network已于3月12日16时完成ZK空投快照英FCA:不会反对加密资产相关ETN上市请求BTC流通市值突破1.4万亿美元,续创新高Space Nation将于3月底启动OIK代币空投
Related Recommendations
Cryptocurrency Payback Calculator - InstructionsBackpack Exchange已面向英国用户开放其服务派盾:NIBI同名代币发生Rug Pull,损失约31.39万美元香港金管局推出稳定币发行人沙盒CIAN与Lido合作,在Base上推出wstETH Hyper-Staking VaultGate.io 3月储备金总额突破60亿美元,额外储备金超8亿美元Polyhedra Network已于3月12日16时完成ZK空投快照英FCA:不会反对加密资产相关ETN上市请求BTC流通市值突破1.4万亿美元,续创新高Space Nation将于3月底启动OIK代币空投
