"Its DreamJob campaigns have been around since 2020, and are characterized by their use of social engineering to lure job seekers with fake offers for high-profile positions - before tricking the victims into clicking on malicious links or documents. The targets are typically aerospace and defense firms, followed by engineering and technology companies, along with media and entertainment. Lazarus' goal in these attacks involves stealing IP and other sensitive data, conducting cyber spying missions, and also gaining financial data."
"According to ESET Research, this latest campaign began in late March with attacks successfully hitting three European defense-sector companies. While the threat hunters don't name the organizations, they note that one is a metal engineering company in Southeastern Europe, another manufactures aircraft components in Central Europe, and the third is a defense company also in Central Europe. All three victims make military equipment and/or parts, and much of this gear is being used by the Ukrainian military to fight Russian invaders."
Operation DreamJob began in late March and successfully compromised three European defense-sector companies: a metal engineering firm in Southeastern Europe, an aircraft component manufacturer in Central Europe, and a defense company in Central Europe. The campaign uses social engineering, luring job seekers with fake high-profile offers that deliver malicious links or documents. Targets focus on aerospace and defense, engineering and technology, and media, with at least two victims tied to UAV technology—one making drone components and another developing UAV software. All cases involved droppers containing an internal DLL named DroneEXEHijackingLoader.dll. The Lazarus Group aims to steal intellectual property, conduct cyber espionage, and harvest financial data.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]