Cybersecuritynews
WaterPlum's StoatWaffle Malware Targets VSCode Users
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The North Korea-linked hacking group WaterPlum has launched a new malware strain called StoatWaffle, targeting developers through compromised Visual Studio Code (VSCode) repositories. This malware is part of an ongoing campaign named 'Contagious Interview,' which lures victims with fake job offers. The attack vector involves disguising the malware as legitimate blockchain development projects, allowing it to infiltrate developer machines without detection. The specific scope of the impact remains unclear, but the campaign has been linked to a subgroup known as Team 8, previously associated with the OtterCookie malware. As of now, there are no reported CVEs or specific numbers of affected systems. Security professionals are urged to remain vigilant and monitor for signs of compromise.
Key Points: • WaterPlum has deployed StoatWaffle malware via compromised VSCode repositories. • The attack is part of the 'Contagious Interview' campaign targeting developers. • Team 8, a subgroup of WaterPlum, is linked to previous malware strains like OtterCookie.