North Korean Hackers Use OtterCookie Malware in Job Scam
/ 1 min read
🐾💻 North Korean hackers deploy new OtterCookie malware in targeted job scam. The Contagious Interview campaign, active since December 2022, has evolved with the introduction of OtterCookie, a new malware variant aimed at software developers through fake job offers. Researchers from NTT Security Japan report that OtterCookie, which began appearing in September, is delivered via loaders that exploit Node.js projects and npm packages from platforms like GitHub. Once installed, it can steal sensitive data, including cryptocurrency wallet keys and clipboard information, while also allowing attackers to execute commands for further infiltration. The emergence of OtterCookie highlights the need for developers to verify potential employers and exercise caution with coding tests that may involve running untrusted code.
