##

The North Korean hacking group Lazarus Group has recently launched a cyberattack dubbed "Operation 99," targeting Web3 and cryptocurrency software developers. Attackers, posing as recruiters, lure developers on platforms like LinkedIn into participating in disguised project testing and code reviews. They trick victims into cloning GitLab repositories containing malicious code, thereby planting malware on their systems. These malware possess cross-platform adaptability, enabling the theft of valuable data such as passwords, API keys, cryptocurrency wallet information, and maintaining connections through highly obfuscated command-and-control (C2) servers to maximize stealth.