According to PANews, SlowMist team member @im23pds disclosed that the North Korea-backed APT organization Lazarus recently deployed an information stealing tool named OtterCookie, targeting personnel in the finance and cryptocurrency industries. This tool steals sensitive data such as browser credentials, macOS keychain passwords, and wallet private keys. Experts advise caution against suspicious job invitations, avoiding running unknown files, and enhancing endpoint security.