🚨 SlowMist Security Alert🚨

‼️Beware of a new threat from the LAZARUS APT group — #OtterCookie info-stealer malware is targeting professionals in the finance and crypto industries.

🎯 Attack tactics:

🔹Posing as reputable companies with fake interviews or investment pitches

🔹Using deepfakes to impersonate interviewers/investors in video calls

🔹Tricking victims into running malware disguised as coding challenges or video app updates

🔹Once executed, OtterCookie steals sensitive data silently

🕵️‍♂️ Targets include:

🔹Browser-stored credentials

🔹macOS Keychain passwords & certificates

🔹Locally stored crypto wallet info & private keys

🛡️ Stay safe:

🔹Verify all unsolicited job/investment offers

🔹Never run unknown binaries, especially “challenges” or “updates”

🔹Use anti-virus software and monitor for abnormal behaviors

📚 Read more about #APT:

https://t.co/hyzwQoiu23

cc @im23pds