North Korea’s NPM Nightmare: OtterCookie Malware Hits 197 Packages!
The Contagious Interview campaign, linked to North Korea, has expanded by adding 197 malicious npm packages to spread updated OtterCookie malware. Cyber crooks pose as recruiters, targeting crypto and Web3 developers with fake job interviews and trojanized projects. Their malware can steal credentials, monitor devices, and wreak havoc on unsuspecting victims.
Hot Take:
North Korea must have skipped the memo that ‘contagious’ isn’t a positive adjective when it comes to their interviewing techniques. The Contagious Interview campaign seems less like a job opportunity and more like a malware-infested digital plague. Guess they’re redefining what it means to ‘infect’ the tech industry!
Key Points:
- North Korea-linked actors expanded their Contagious Interview campaign with 197 new npm packages to spread OtterCookie malware.
- The campaign targets software developers, especially in the crypto and Web3 sectors, on Windows, Linux, and macOS.
- Attackers use social engineering tactics, posing as recruiters and offering fake job interviews.
- The campaign uses GitHub, Vercel, and npm for malware distribution and command and control activities.
- OtterCookie malware acts as an all-in-one infostealer and remote access tool, with capabilities including keylogging and credential theft.
Already a member? Log in here