BlockBeats News, June 6th, the latest intelligence from the SlowMist Security Team shows that the North Korean Lazarus hacking group is using a new stealthy information-stealing trojan called OtterCookie to launch targeted attacks against cryptocurrency and financial professionals.
The tactics involved include forging high-paying job interview/investor talks, using deepfake videos to impersonate the recruiting party, and disguising malware as "programming test questions" or "system update packages."
The targets for theft include browser-stored login credentials, passwords and digital certificates in the macOS Keychain, as well as cryptocurrency wallet information and private keys.
SlowMist advises to remain vigilant against actively provided job/investment invitations, conduct multi-factor authentication for remote interviews, avoid running executable files of unknown origin, especially those disguised as "technical test questions" or "update patches," strengthen endpoint defense (EDR), deploy antivirus software, and regularly check for unusual processes.
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.