Lazarus organization uses new malware OtterCookie to precisely attack encryption industry professionals

According to SlowMist team member @ im23pds, the North Korean backed APT group Lazarus recently deployed an information theft tool called OtterCookie, targeting financial and encryption industry personnel to steal sensitive data such as browser credentials, macOS keychain passwords, wallet private keys, etc. Experts suggest beware of suspicious recruitment invitations, avoid running unknown files, and strengthen terminal security protection.