##

The North Korean hacking group Lazarus Group is launching a cyberattack named "Operation 99" targeting Web3 and cryptocurrency developers. The attackers pose as recruiters on platforms like LinkedIn, enticing developers to participate in fake project testing and code reviews. They then trick developers into cloning GitLab repositories containing malicious code, which injects modular malware into the victims' systems. This malware can steal high-value data such as passwords, API keys, cryptocurrency wallet information, and maintain a connection through highly obfuscated command and control (C2) servers to maximize their stealth. SlowMist CISO 23pds has posted a warning on social media, advising developers to be cautious, avoid clicking suspicious links, and keep security software updated.