#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider
6 snips Jun 24, 2025
Delve into the chilling world of OtterCookie, a malware created by North Korea's Lazarus group, which lures victims with fake freelance job offers. Discover a critical flaw in the LangFlow platform that allows severe code-execution exploits, and the ethical quandaries around disclosure. Also, learn about the nefarious Water Curse, which targets the software supply chain through disguised GitHub repositories, and the evolving tactics of Scattered Spider as they shift focus to the US insurance sector. Cybersecurity insights await!
AI Snips
OtterCookie's Clever Infection Method
- OtterCookie malware uses deceptive freelance job offers to trick developers into running infected code.
- It cleverly hides payloads as error messages, bypassing static analysis and antivirus detection.
OtterCookie's Credential Theft Strategy
- OtterCookie targets browsers, cryptocurrency wallets, and macOS keychains to steal credentials and NFTs.
- It compresses and exfiltrates the data, then deploys a persistent RAT called Invisible Ferret.
Funny Malware Names Hide Serious Threats
- Matt Bromley shared how malware names like OtterCookie and Invisible Ferret sound cute but hide serious threats.
- He joked that the soft names make the threats seem less serious, which hinders serious understanding at board level.