LONDON (IT BOLTWISE) – North Korean hackers have launched a new wave of attacks focused on European companies in the defense industry. These attacks are part of the long-running Operation Dream Job, which aims to steal valuable information and manufacturing techniques. Particular focus is on companies operating in the field of unmanned aerial vehicles, indicating North Korea’s efforts to expand its drone program.
Today’s daily deals at Amazon! ˗ˋˏ$ˎˊ˗
North Korean hackers linked to the notorious Lazarus group have launched a new wave of attacks focused on European companies in the defense industry. These attacks are part of the long-running Operation Dream Job, first uncovered in 2020 by Israeli cybersecurity firm ClearSky. The operation aims to steal valuable information and manufacturing techniques, particularly in the area of unmanned aerial vehicles (UAVs), indicating North Korea’s efforts to expand its drone program.
The attacks use sophisticated social engineering techniques to lure potential victims with tempting job offers. However, these supposed offers contain Trojanized documents that, when opened, install malware on the victims’ computers. Malware families deployed include ScoringMathTea and MISTPEN, which aim to plunder proprietary information. ESET security researchers first observed the campaign in late March 2025, targeting companies in Southeast and Central Europe.
ScoringMathTea, also known as ForestTiger, was first discovered in October 2022 and has since appeared in various cyberattacks. MISTPEN, on the other hand, was documented by Google Mandiant in September 2024. Both malware families are designed to penetrate deep into victims’ systems and gain complete control. The attackers also use the Microsoft Graph API and tokens to load additional payloads.
The Lazarus Group, also known by names such as APT-Q-1, Black Artemis and Hidden Cobra, has been active since at least 2009 and has established itself as one of the most prolific hacker groups in the world. Their attacks are characterized by high consistency and adaptability, which allows them to continue to operate successfully despite familiar methods. Experts warn that such attacks could endanger not only the companies affected, but also national security because they involve sensitive technologies and information.
*Order an Amazon credit card with no annual fee with a credit limit of 2,000 euros! a‿z
Bestseller No. 1 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 2 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 3 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 4 ᵃ⤻ᶻ «KI Gadgets»
Bestseller No. 5 ᵃ⤻ᶻ “KI Gadgets”
Please send any additions and information to the editorial team by email to de-info[at]it-boltwise.de. Since we cannot rule out AI hallucinations, which rarely occur with AI-generated news and content, we ask you to contact us via email and inform us in the event of false statements or misinformation. Please don’t forget to include the article headline in the email: “North Korean hackers target European defense contractors’ drone secrets”.
The post North Korean hackers target European defense contractors’ drone secrets appeared first on Veritas News.
