##

North Korean hacking group Lazarus Group launched a cyberattack dubbed "Operation 99," targeting Web3 and cryptocurrency software developers. Attackers disguised themselves as recruiters, posting fake job postings on platforms like LinkedIn, enticing developers to participate in project testing and code reviews. Once developers fell for the bait, they were guided to clone a GitLab repository containing malicious code that appeared benign but would actually implant malware on the victims' systems. This malware could run cross-platform and steal sensitive data such as passwords, API keys, and cryptocurrency wallet information. The attackers also used highly obfuscated command and control (C2) servers to conceal their actions.