Summary: The Lazarus Group, linked to North Korea, has launched a new cyber attack campaign known as Operation 99, targeting software developers in the Web3 and cryptocurrency sectors. The campaign employs fake recruiters on platforms like LinkedIn to lure victims into cloning malicious GitLab repositories, ultimately embedding malware in their environments. This sophisticated operation aims to exfiltrate sensitive data, including cryptocurrency wallet keys, potentially leading to significant financial theft.
Threat Actor: Lazarus Group | Lazarus Group
Victim: Software Developers | software developers
Keypoints :
- Operation 99 targets developers through deceptive recruitment tactics on LinkedIn.
- Victims are directed to clone malicious GitLab repositories that connect to command-and-control servers.
- The malware can exfiltrate sensitive data, including source code and cryptocurrency wallet keys, posing a significant financial threat.
Source: https://thehackernews.com/2025/01/lazarus-group-targets-web3-developers.html
Views: 0