Everyday is lazarus.dayβ

Dream Job, or Is It?

2024-01-31, AttackIQ


This ongoing cyber campaign targeted defense and governmental organizations globally, employing a social engineering tactic with enticing “dream job” offers sent on behalf of major U.S. aerospace companies. The attackers, known for both espionage and financial theft, successfully infiltrated numerous companies through a sophisticated campaign involving reconnaissance, fictitious LinkedIn profiles, personalized emails, and direct communication via phone and WhatsApp.
Lazarus Group Deconstructed
The Lazarus group, notorious for the Sony breach and WannaCry attack, is assessed to operate globally with a focus on financial cyber heists, exhibiting a shift towards cryptocurrency exchanges.
Operation Dream Job unfolded as a cyberattack spanning from early 2020 to mid-2022, targeting professionals globally, particularly in the defense sector and government organizations. The adversaries employed sophisticated social engineering techniques, offering deceptive job opportunities purportedly from renowned defense and aerospace companies like Boeing, Lockheed Martin, Airbus, and BAE. This tactic mirrors the observed activity reported by ClearSky in August 2020.
A distinctive …