##

The North Korean hacking group Lazarus Group is launching a cyberattack dubbed "Operation 99" targeting Web3 and cryptocurrency developers. The attackers are posing as recruiters, enticing developers on platforms like LinkedIn to participate in fake project testing and code reviews. They then trick the developers into cloning GitLab repositories containing malicious code, implanting modular malware on victim systems. These malware can steal high-value data such as passwords, API keys, cryptocurrency wallet information, and maintain a connection with highly obfuscated command and control (C2) servers to maximize their stealth.