New 'StoatWaffle' malware autoexecutes attacks on developers
Briefly

"If the victim browser was Chromium family, it steals browser extension data besides stored credentials. If the victim browser was Firefox, it steals browser extension data besides stored credentials."
"For victims running macOS, the malware also targets Keychain databases."
"StoatWaffle isn't an isolated campaign. It's the latest chapter in the Contagious Interview attacks, widely attributed to North Korea-linked threat actors tracked as WaterPlum."
StoatWaffle malware maintains communication with an attacker-controlled C2 server, executing commands such as terminating processes, changing directories, and uploading files. It exhibits custom behavior based on the victim's browser, stealing browser extension data and stored credentials. For macOS victims, it targets Keychain databases. StoatWaffle is part of the Contagious Interview attacks, linked to North Korea-associated threat actors known as WaterPlum.
Read at InfoWorld