#North Korean hackers target Web3 developers#

The Lazarus Group, a North Korean hacking group, is targeting Web3 and cryptocurrency software developers with a campaign called "Operation 99". The attackers pose as recruiters on platforms like LinkedIn, enticing developers to participate in fake project tests and code reviews. They trick developers into cloning GitLab repositories containing malicious code, thereby planting modular malware on victims' systems. This malware can steal valuable data like passwords, API keys, cryptocurrency wallet information, and maintain a connection through highly obfuscated command-and-control (C2) servers, maximizing stealth.