##

The Lazarus Group, a North Korean hacking group, has launched a cyberattack dubbed "Operation 99" targeting Web3 and cryptocurrency developers. The attackers, posing as recruiters, lure developers on platforms such as LinkedIn into participating in fake project testing and code reviews. They trick developers into cloning GitLab repositories containing malicious code, implanting modular malware onto victim systems. This malware steals high-value data such as passwords, API keys, and cryptocurrency wallet information. It maintains a connection through highly obfuscated command and control (C2) servers, maximizing stealth and concealment.