The North Korean hacker group Lazarus has intensified attacks on cryptocurrency industry specialists, using new malware OtterCookie, reported SlowMist on June 6, 2025. The attackers use social engineering methods, posing as employers offering high-paying positions. Victims are lured into fake interviews, being asked to install a communication program that contains malicious code. OtterCookie steals passwords, private keys of cryptocurrency wallets, and macOS Keychain data.
Lazarus, known for attacks on the Bybit exchange with losses of $1.4 billion in February 2025, uses fake videos with deepfake technology and malicious npm packages to attack Solana and Exodus wallets. The group also targets IT specialists and companies in the nuclear industry, employing trojans and backdoors such as MISTPEN. Experts note the hackers' shift to more sophisticated methods, avoiding large-scale exploits.
SlowMist advises avoiding suspicious files, strengthening endpoint protection, and being cautious with job offers. Lazarus attacks pose a threat to the security of the cryptocurrency industry, requiring increased vigilance from users.
Subscribe to #MiningUpdates for the latest news!
#LazarusGroup #OtterCookie #CryptoSecurity #CyberAttack #blockchain #Hacking #Web3
