TechFlow, June 6 — SlowMist Security Team's latest alert: North Korean hacker group Lazarus is using a new theft tool named OtterCookie to specifically target cryptocurrency and financial professionals in cyberattacks. The attackers lure victims into running malware disguised as "coding challenges" or "update packages" by impersonating job interviews, investment discussions, and even using deepfake video technology to pose as recruiters.
The malware can steal browser-stored login credentials, passwords and certificates from macOS Keychain, as well as cryptocurrency wallet information and private keys.
Security experts advise remaining vigilant against unsolicited job or investment offers, avoiding execution of programs from unknown sources, strengthening endpoint security monitoring, and conducting regular security audits.




