North Korean Threat Actors Update OtterCookie Malware to Version 4

The actors behind the North Korean threat campaign Contagious Interview are using updated versions of a multi-platform malware called OtterCookie. According to NTT Security Holdings, the attackers have been "actively and continuously" updating the malware, introducing versions v3 and v4. The v4 version of OtterCookie includes capabilities for detecting virtual machines (VMs) and stealing credentials from Chrome browsers and the MetaMask extension. The malware is capable of stealing credentials from web browsers and other files.