Pulse: Additional Features of OtterCookie Malware Used by WaterPlum
TLP: WHITE | Tag: WageMole | Author: AlienVault | Created: 2025-05-11 | Modified: 2025-06-10
Indicators of Compromise: 4 (low volume)
The article discusses updates to the OtterCookie malware utilized by the North Korea-linked attack group WaterPlum. The malware has evolved through four versions, with v3 and v4 being the focus. OtterCookie v3 introduced Windows support and enhanced file collection capabilities. Version 4 added new Stealer modules for credential theft, improved virtual environment detection, and modified clipboard stealing methods. The malware now targets various file types, including those related to cryptocurrencies, and has sophisticated methods for stealing browser credentials. The continuous updates to OtterCookie demonstrate WaterPlum's active development efforts, posing an ongoing threat to financial institutions and cryptocurrency operators worldwide.
MITRE ATT&CK & Malware Families
ATT&CK techniques: none listed
Malware families: OtterCookie, BeaverTail, InvisibleFerret
Indicators of Compromise (4)

TYPE     INDICATOR               DESCRIPTION   CREATED
domain   alchemy-api-v3.cloud    (none)        2025-05-11
domain   chainlink-api-v3.cloud  (none)        2025-05-11
domain   modilus.io              (none)        2025-05-11
domain   moralis-api-v3.cloud    (none)        2025-05-11