North Korean threat actors are actively using new malware called ‘OtterCookie’ in their ‘Contagious Interview’ campaign, which targets software developers with fake job offers. The malware acts as a backdoor, enabling unauthorized access to compromised systems. This is part of a broader trend of North Korean cyber activity aimed at financial gain and espionage. The activity indicates a sophisticated and persistent threat actor leveraging social engineering to infiltrate targeted systems.
The North Korean hacking group TraderTraitor, also known as Jade Sleet, UNC4899, and Slow Pisces, has been identified as the perpetrator behind the $308 million cryptocurrency theft from Japanese exchange DMM Bitcoin. The group, a cryptocurrency-focused element within the Reconnaissance General Bureau, primarily targets blockchain-related companies. The attackers used social engineering techniques to infiltrate the target. The group has also been known to use supply chain attacks to install malware.