Return to Threats

Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images

thehackernews.com 2026-07-17 malicious AI use Critical

What Happened

North Korean threat actors linked to the Contagious Interview campaign have been observed employing steganography in SVG image files to conceal malicious payloads as part of a campaign using fake job postings and coding challenges. "Any user who ran the project ended up with a four-stage payload aligned with OTTERCOOKIE: a browser credential and crypto wallet stealer, a file stealer, a

Why It Matters

According to reporting on the Contagious Interview campaign, North Korea-linked threat actors are hiding multi-stage OtterCookie-aligned malware in seemingly benign SVG flag images used inside fake coding tests and job assignments for developers.[1][2][6] The payload steals browser credentials, cryptocurrency wallet data, files, and clipboard contents, and establishes a Socket.IO-based remote access trojan, specifically targeting software and Web3/blockchain developers via recruiting workflows.[1][2][5] From a RealGround perspective, this illustrates malicious use of code-related workflows that AI agents increasingly automate (e.g., fetching, running, or reviewing coding tests and developer projects); if AI agents are allowed to ingest or execute artifacts from recruiting or coding challenges without strict isolation and content inspection, they can become a conduit for credential theft and remote access. Organizations should apply continuous AI red teaming to developer-assist and recruiting-assist agents, testing whether they can be tricked into running or trusting steganographically hidden payloads in SVG or other code assets, and enforce policies that require sandboxed execution

Healthcare Fintech SaaS SMB AI startups

RealGround Analysis

This signal maps to malicious AI use. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/07/north-korea-linked-hackers-hide.html

Talk to AI CISO