##

The Lazarus Group, a North Korean hacking group, is targeting Web3 and cryptocurrency developers with a cyberattack campaign known as "Operation 99." The attackers are posing as recruiters on platforms like LinkedIn, enticing developers to participate in fake project tests and code reviews. They then trick the developers into cloning a GitLab repository containing malicious code, which implants modular malware on the victims' systems. These malicious programs are capable of stealing high-value data such as passwords, API keys, and cryptocurrency wallet information. They also maintain a connection through highly obfuscated command-and-control (C2) servers, maximizing stealth in their operations.