SECURITYTHE HACKER NEWS
Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images
North Korean threat actors linked to the Contagious Interview campaign are using steganography in SVG image files to hide malicious payloads. These payloads, part of a fake job posting and coding challenge campaign, deliver a four-stage OTTERCOOKIE-aligned malware that steals browser credentials, crypto wallets, and files.
Mentioned
Related Signal
Adjacent reporting
- Belarus-linked hackers use fake training certificates to target Ukrainian officials
- Russian hackers trojanize WebEx, Zoom apps to push Starland malware
- Rust-Written IronWorm Hits NPM Supply Chain
- Laravel Lang packages hijacked to deploy credential-stealing malware
- Telegram Mini Apps abused for crypto scams, Android malware delivery