NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
Summary
North Korean hackers have intensified their 'Contagious Interview' campaign by uploading over 200 malicious npm packages designed to install OtterCookie malware. This targeted attack primarily affects blockchain and Web3 developers, leveraging fake job interviews and coding tests to lure victims.
Original Article Summary
North Korean hackers escalated the "Contagious Interview" attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests.
Impact
npm registry, blockchain developers, Web3 developers
In the Wild
Yes
Timeline
Newly disclosed
Remediation
Developers should avoid installing packages from untrusted sources and verify the authenticity of npm packages before use. Regularly audit dependencies for malicious code.