New 'OtterCookie' Malware Targets Developers in Fake Job Offers

Popular：

Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

New 'OtterCookie' Malware Targets Developers in Fake Job Offers

2024-12-29

Cybersecurity firms have uncovered a new malware, OtterCookie, used in the 'Contagious Interview' campaign by North Korean threat actors. This campaign lures software developers with fake job offers containing malware, including OtterCookie and previously seen malware like BeaverTail. OtterCookie is delivered through Node.js projects or npm packages, establishing communication with a command and control server via Socket.IO. It steals sensitive data, such as cryptocurrency wallet keys, documents, and images, and performs reconnaissance on the infected system. Experts warn developers to carefully vet job offers and avoid running untrusted code.

(www.bleepingcomputer.com)

Tech Malware

Tech Ethics Crisis: Are Big Tech Companies Doing Good?

Iceland Revives EU Accession Bid: Referendum Planned Before 2027