Threat Research

    BeaverTail and OtterCookie Evolve with a New JavaScript Module

    A North Korea-aligned group, Famous Chollima, is using fake job offers to lure victims into installing malware. In a recent case, a trojanized Node.js app called Chessfi was distributed via the NPM package node-nvm-ssh. The group’s tools, BeaverTail and OtterCookie, have evolved by merging functionalities and adding a new JavaScript module for keylogging and taking screenshots....
    10/17/2025  0
    Read More »

    Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack

    Unit 42 researchers have linked a North Korean IT worker group, CL-STA-0237, to phishing attacks using malware-infected video conference apps like BeaverTail. Operating from Laos, the group exploited a U.S. IT services company to secure a job at a major tech firm. CL-STA-0237 is part of a larger network supporting North Korea's illicit activities, including WMD and missile prog...
    11/15/2024  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.