
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   CONSPRCY      How big is your tinfoil hat?      2,445 messages   


   Message 1,868 of 2,445   
   Mike Powell to All   
   North Korean hackers targ   
   25 Oct 25 10:16:40   
   
   TZUTC: -0500   
   MSGID: 1625.consprcy@1:2320/105 2d622631   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   North Korean hackers target European defense firms with dream job scam   
      
   Date:   
   Fri, 24 Oct 2025 14:14:00 +0000   
      
   Description:   
   Lazarus is after drone know-how and has infiltrated three firms.   
      
   FULL STORY   
      
   Infamous North Korean state-sponsored threat actors, Lazarus Group, have been   
   targeting Southeastern European defense firms with their Operation DreamJob   
   scams.    
      
   Security researchers at ESET claim the goal of the attacks was to steal the   
   know-how and other proprietary information on unmanned aerial vehicles (UAV)   
   and drones.    
      
   Lazarus is known for its work in supporting North Korea's weapons development   
   program. This is usually done by attacking crypto firms, stealing money, and   
   then using it to fund research and development. In this case, the operation    
   is somewhat different, but the goal is the same.   
      
   ScoringMathTea    
      
   Operation DreamJob is Lazarus' signature move. The group would create fake   
   companies, fake personas, and fake jobs, and then reach out to their targets,   
   offering lucrative positions.    
      
   People who take the bait are usually invited to multiple rounds of job   
   interviews and trials, in which they are asked to download PDF files,   
   programs, apps, and code.    
      
   However, instead of actually completing any trials, the victims would simply   
   be downloading malware.    
      
   ESET says the attacks took place at approximately the same time when North   
   Korean soldiers were in Russia, assisting the Russian army in the Kursk   
   region, which was in late 2024. At least three companies were breached, and   
   information on how to build drones was stolen.    
      
   The researchers explained that North Korea is building drones of its own, and   
   that many of the materials used in Eastern European drones are also used in   
   North Korea. They also explained that many of the drones designed in Eastern   
   Europe are being used in the Ukrainian war, which is why they were of   
   particular interest to Lazarus.    
      
   After breaching their targets, the attackers would deploy ScoringMathTea, a   
   remote access trojan (RAT) that grants full control over the compromised   
   machine.    
      
   "We believe that it is likely that Operation DreamJob was at least partially   
   aimed at stealing proprietary information, and manufacturing know-how,   
   regarding UAVs. The drone mention observed in one of the droppers   
   significantly reinforces this hypothesis," says ESET researcher Peter Kálnai,   
   who discovered and analyzed these latest Lazarus attacks.    
      
   "We have found evidence that one of the targeted entities is involved in the   
   production of at least two UAV models that are currently employed in Ukraine,   
   and which North Korea may have encountered on the front line. This entity is   
   also involved in the supply chain of advanced single-rotor drones, a type of   
   aircraft that Pyongyang is actively developing," adds Alexis Rapin, ESET   
   cyberthreat analyst.    
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/north-korean-hackers-target-european-defense-firms-with-dream-job-scam   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426   
      



(c) 1994,  bbs@darkrealms.ca