币界网报道：According to a report by Bijie.com, SlowMist posted on X platform that it had recently received intelligence that North Korea's Lazarus APT (Advanced Persistent Threat) organization was using a new stealing software called "OtterCookie" to carry out targeted attacks on professionals in the cryptocurrency and financial industries. Attack methods: Fake recruitment interviews/investor calls Use deepfake videos to impersonate recruiters Disguise malware as "programming challenges" or "updates" Stolen content: Login credentials stored in the browser Passwords and certificates in the macOS keychain Wallet information and private keys Security advice: Be wary of unsolicited job/investment invitations and remote interviews. Never run unknown binaries, especially those disguised as "technical challenges" or "update packages." Enhance EDR (endpoint detection and response) capabilities and monitor for abnormal activities. Use antivirus tools and audit your endpoints regularly. Be sure to be vigilant - always verify before trusting.