## Hot Topic Overview
The Lazarus Group, a North Korean hacking group, launched a cyberattack dubbed "Operation 99" targeting Web3 and cryptocurrency developers. The attackers disguised themselves as recruiters and lured developers on platforms like LinkedIn to participate in fake project testing and code audits, prompting them to clone GitLab repositories containing malicious code. Once developers cloned the repositories, malware was implanted on their systems, stealing sensitive data like passwords, API keys, and cryptocurrency wallet information. The attackers also employed highly obfuscated command and control (C2) servers to conceal their activities. SlowMist CISO 23pds issued a warning on social media, alerting developers to this new type of attack.
## Hot Topic Analysis
The Lazarus Group, a North Korean hacking organization, has launched a cyberattack called "Operation 99" targeting Web3 and cryptocurrency software developers. The attackers, posing as recruiters, publish fake job postings on platforms like LinkedIn, enticing developers to take part in what is presented as project testing and code audits. Developers who fall for the trap are directed to clone a GitLab repository that appears benign but actually contains malicious code. This code implants modular malware on victims' systems; the malware adapts across platforms and can steal high-value data such as passwords, API keys, cryptocurrency wallet information, and more. The attackers also maintain connectivity through highly obfuscated command-and-control (C2) servers to conceal their activity. SlowMist CISO 23pds warns developers to be vigilant, avoid trusting job offers from unknown sources, and carefully examine the source of code repositories to avoid falling victim to the attack.