According to PANews, SlowMist team member @im23pds disclosed that the North Korean-backed APT organization Lazarus recently deployed an information stealing tool named OtterCookie, targeting personnel in the financial and cryptocurrency industries. This tool steals sensitive data such as browser credentials, macOS keychain passwords, and wallet private keys. Experts recommend being cautious of suspicious job invitations, avoiding running unknown files, and strengthening endpoint security protection.