The latest intelligence from the Slow Mist security team shows that the North Korean Lazarus hacker group is using a new type of theft Trojan called OtterCookie to launch targeted attacks against cryptocurrency and financial practitioners. Total tactics include faking high-paying job interviews/investor talks, using depth fake videos to impersonate recruiters, and disguising malicious software as "programming test questions" or "system update packages." Stealing targets include...
慢雾安全团队最新情报显示,朝鲜 Lazarus 黑客组织正在使用名为 OtterCookie 的新型窃密木马,针对加密货币及金融从业者发起定向攻击。 共计手法包括伪造高薪职位面试/投资人洽谈、使用深度伪造 (Deepfake) 视频冒充招聘方、将恶意软件伪装成“编程测试题”或“系统更新包”。 窃取目标包括浏...
SlowMist said in a post on the X platform that it has recently received intelligence that North Korea's Lazarus APT (Advanced Persistent Threat) group is using a new type of theft software called "OtterCookie" to target professionals in the cryptocurrency and financial industries. Attack method: Fake job interviews/investor calls Using depth fake videos to impersonate recruiters So...
慢雾于X平台发文表示,近期收到情报,指出朝鲜的Lazarus APT(高级持续性威胁)组织正在使用一种名为“OtterCookie”的新型窃密软件,对加密货币和金融行业的专业人士进行定向攻击。 攻击手法: 假冒招聘面试/投资者电话 使用深度伪造(Deepfake)视频冒充招聘人员 ...