Lazarus Group's Operation 99 Targets Web3 Developers with Fake LinkedIn Profiles, Hijacks Google Accounts and Deploys Sneaky 2FA

The Lazarus Group, a North Korean cybercriminal organization, has intensified its attacks targeting developers, particularly those in the Web3 space. Recent reports indicate that the group is employing fake LinkedIn profiles in an operation dubbed 'Operation 99' to lure Web3 developers. In addition to this, the group has been linked to a broader campaign involving the hijacking of Google advertiser accounts to distribute malware. Furthermore, researchers have identified a new phishing kit called 'Sneaky 2FA,' designed to bypass two-factor authentication for Microsoft 365 accounts. This kit is part of a rising trend in phishing attacks that utilize hidden code in images to deploy keyloggers and other malicious software. The ongoing threats highlight vulnerabilities in browser security and the need for enhanced cybersecurity measures.