North Korean actors intensify 'Contagious Interview' campaign on npm registry
North Korean threat actors responsible for the “Contagious Interview” campaign have flooded the npm registry with 197 additional malicious packages since last month. According to a Socket analysis, these packages have accumulated more than 31,000 downloads and are designed to distribute a variant of OtterCookie that combines features from BeaverTail and previous versions of OtterCookie. Infection Mechanism and Malware Capabilities The malware, once executed, performs various evasion actions, profiles the compromised machine and establishes a command and control (C2) channel. This channel provides attackers with remote shell and data theft capabilities, including: ...