Lazarus APT targets professionals in the cryptocurrency and financial industries with the stealer malware "OtterCookie"
According to online reports, SlowMist posted on the X platform that it recently received intelligence that North Korea's Lazarus APT (Advanced Persistent Threat) organization is using a new type of secret-stealing software called "OtterCookie" to carry out targeted attacks on professionals in the cryptocurrency and financial industries.

Attack methods:
- Fake recruitment interviews and investor phone calls
- Using deepfake video to impersonate recruiters
- Disguising malware as a "programming challenge" or "update"

Stolen content:
- Login credentials stored in the browser
- Passwords and certificates in the macOS keychain
- Wallet information and private keys

Security advice:
- Be vigilant against unsolicited work or investment offers and remote interviews.
- Never run unknown binaries, especially those disguised as "technical challenges" or "update packages."
- Enhance EDR (Endpoint Detection and Response) capabilities and monitor abnormal activity.
- Use anti-virus tools and regularly audit your endpoints.

Stay vigilant: be sure to verify before trusting.
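One way to turn the "monitor abnormal activity" advice into a concrete rule, as an added example that is not part of the original report: flag any process outside an allowlist that opens files in the three asset classes listed above, and raise severity when one process touches more than one class. The path patterns, allowlist, process names and events are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Asset classes named in the report -> illustrative macOS path patterns (assumed).
SENSITIVE = {
    "browser_credentials": re.compile(
        r"/Library/Application Support/(Google/Chrome|BraveSoftware/Brave-Browser)/[^/]+/Login Data$"),
    "keychain": re.compile(r"/Library/Keychains/[^/]+\.keychain-db$"),
    "wallet": re.compile(r"/Library/Application Support/Exodus/|/\.electrum/wallets/"),
}
# Processes expected to open each class (assumed allowlist; tune per fleet).
EXPECTED = {
    "browser_credentials": {"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"},
    "keychain": {"/usr/sbin/securityd"},
    "wallet": {"/Applications/Exodus.app/Contents/MacOS/Exodus"},
}

def classify(path):
    """Return the asset class a file path belongs to, or None."""
    for name, pattern in SENSITIVE.items():
        if pattern.search(path):
            return name
    return None

def detect(events):
    """Map (pid, process) -> sorted asset classes opened by unexpected processes."""
    hits = defaultdict(set)
    for ev in events:
        cls = classify(ev["file"])
        if cls and ev["process"] not in EXPECTED[cls]:
            hits[(ev["pid"], ev["process"])].add(cls)
    return {key: sorted(classes) for key, classes in hits.items()}

def severity(classes):
    """One class may be a backup or admin tool; several from one process looks like a stealer."""
    return "high" if len(classes) >= 2 else "medium"

HOME = "/Users/alice"  # constructed sample file-open telemetry below
CHROME = "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"
EVENTS = [
    {"pid": 300, "process": CHROME, "file": HOME + "/Library/Application Support/Google/Chrome/Default/Login Data"},
    {"pid": 4242, "process": "/usr/local/bin/node", "file": HOME + "/Library/Application Support/Google/Chrome/Default/Login Data"},
    {"pid": 4242, "process": "/usr/local/bin/node", "file": HOME + "/Library/Keychains/login.keychain-db"},
    {"pid": 4242, "process": "/usr/local/bin/node", "file": HOME + "/Library/Application Support/Exodus/exodus.wallet/seed.seco"},
    {"pid": 501, "process": "/usr/bin/python3", "file": HOME + "/Library/Keychains/login.keychain-db"},
]

if __name__ == "__main__":
    for (pid, proc), classes in detect(EVENTS).items():
        print(severity(classes), pid, proc, classes)
```

In practice the events would come from the EDR's file-access telemetry rather than an inline list, and the allowlist needs tuning for backup and password-manager software before alerting on it.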
Disclaimer: The views in this article are from the original Creator and do not represent the views or position of Hawk Insight. The content of the article is for reference, communication and learning only, and does not constitute investment advice. If it involves copyright issues, please contact us for deletion.