Operation DreamJob hits Europe’s UAV supply chain: What DFIR teams need to collect, hunt, and block
ESET documented a late‑March through mid‑2025 surge of Operation DreamJob activity attributed to North Korea–aligned Lazarus, targeting multiple European defense companies — including firms that build UAV components and UAV software — to steal proprietary designs and manufacturing know‑how. Initial access relied on classic “dream job” lures and trojanized readers/loaders; later stages delivered ScoringMathTea, a Lazarus RAT with ~40 commands. ESET links the focus on UAV know‑how to North Korea’s push to scale its domestic drone program. (ESET WeLiveSecurity). (welivesecurity.com)