Emma Okonji

ESET researchers have observed a new instance of Operation DreamJob, a campaign that it tracked under the umbrella of North Korea-aligned Lazarus, in which several European companies active in the defense industry were targeted.

Some of these are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked to North Korea’s current efforts to scale up its drone programme.

It discusses the broader geopolitical implications of the campaign and provides a high-level overview of the toolset used by the attackers.

Lazarus attacks against companies developing UAV technology align with recently reported developments in the North Korean drone programme.

Its first appearance dates to late 2022, when its dropper was uploaded to VirusTotal. Soon after, it was seen in the wild, and since then in multiple attacks attributed to Lazarus’ Operation DreamJob campaigns, which makes it the attacker’s payload of choice for already three years,” the research report said.

Responding to these recent revelations of global cyberespionage campaigns by ESET, Managing Director of ESET Nigeria, Olufemi Ake, raised concerns over the growing vulnerability in the defense ecosystem, going by the current state of security in the region, particularly West Africa.

“It is an attractive region for cyberattacks. With the increasing digital connectivity, expansion of defence partnerships, and emergence as a numerous tech innovation hub, individuals are now seen as potential entry points for both direct cyber threats and indirect access to global supply chains as it relates to the security situation in certain pocket areas.”Ake stated.