CyberSecurity News
Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images
AI summary
North Korean threat actors associated with the Contagious Interview campaign are using steganography to hide malware in SVG image files. The malicious payloads are delivered through fake job postings and coding challenges. When a user runs the project, they end up with a four-stage payload that includes a browser credential and crypto wallet stealer, as well as a file stealer. This payload is aligned with OTTERCOOKIE. The attackers are leveraging this tactic to conceal their malicious activity. The use of fake coding tests is a social engineering technique to trick victims into executing the malware.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

