##

The Lazarus Group, a North Korean hacking group, launched a cyberattack dubbed “Operation 99” targeting Web3 and cryptocurrency software developers. The attackers disguised themselves as recruiters, enticing developers on platforms like LinkedIn to participate in fake project testing and code reviews. They tricked developers into cloning GitLab repositories containing malicious code, which infiltrated malware into victims' systems. This malware can steal sensitive data like passwords, API keys, cryptocurrency wallet information, and maintain connections through highly obfuscated command and control servers to conceal their actions. SlowMist CISO 23pds issued a warning on social media urging developers to be vigilant and avoid becoming targets.