A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy”, a Node.jsbased RAT and information stealer”, through the ClickFake Interview campaign, with significant enhancements observed in August 2025. This threat actor, attributed to North Korea, orchestrated two primary campaigns: Contagious Interview and ClickFake Interview. Although multiple clusters operate under the WaterPlum umbrella, Cluster […] The post ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/clickfake-interview-campaign/
