OtterCandy Malware: Sophisticated Update by WaterPlum Group

A new report from NTT Security Japan highlights the evolved malware family OtterCandy, attributed to the WaterPlum group. This campaign showcases advanced multi-platform intrusion capabilities, targeting Windows, macOS, and Linux. OtterCandy, built with Node.js, functions as both a Remote Access Trojan (RAT) and an Information Stealer, combining elements from earlier espionage tools. The malware's latest update enhances its persistence and data-theft capabilities, including an anti-forensic module that removes traces after execution.

Latest mentioned: 10-20

Earliest mentioned: 10-16

Sources

securityonline.info gbhackers.com securityonline.info talosintelligence.com hackread.com cybersum.net

Also Read

Winos 4.0 Malware Expands Targets with HoldingHands RAT

The threat actors behind Winos 4.0 malware have expanded their targeting to include new regions, utilizing phishing emails with embedded malicious links in PDFs. These attacks deliver the HoldingHands RAT, which is capable of capturing sensitive information and executing arbitrary commands. The malware is distributed through fake websites and SEO poisoning, and is linked to an aggressive cybercrime group. Recent campaigns have used taxation-themed documents and fake landing pages to deceive recipients into downloading the malware.

10-19Read more →