##

The North Korean hacking group Lazarus Group launched a cyberattack dubbed "Operation 99" targeting Web3 and cryptocurrency developers. The attackers, posing as recruiters, posted fake job listings on platforms like LinkedIn, enticing developers to participate in disguised project testing and code reviews. Once developers take the bait, they are directed to clone a GitLab repository containing malicious code, implanting malware into the victim's system. This malware is capable of stealing passwords, API keys, cryptocurrency wallet information, and other sensitive data. It also maintains connections with command-and-control servers through highly obfuscated commands to maximize its stealth.