##

The Lazarus Group, a North Korean hacking group, launched a cyberattack dubbed “Operation 99,” targeting Web3 and cryptocurrency developers. The attackers impersonated recruiters, luring developers on platforms like LinkedIn to participate in fake project testing and code reviews. This enticed them to clone GitLab repositories containing malicious code, injecting modular malware into victim systems. This malware can steal passwords, API keys, cryptocurrency wallet information, and other high-value data. The attackers maintain connections through highly obfuscated command-and-control (C2) servers, maximizing stealth.