InvisibleFerret is a modular python malware that is leveraged for data exfiltration and remote access capabilities. InvisibleFerret consists of four modules: main, payload, browser, and AnyDesk. InvisibleFerret malware has been leveraged by North Korea-affiliated threat actors identified as DeceptiveDevelopment or Contagious Interview since 2023.

InvisibleFerret has historically been introduced to the victim environment through the use of the BeaverTail malware.