Gotta fly: Lazarus targets the UAV sector

ESET researchers observed a Lazarus Operation DreamJob campaign targeting several European defense and UAV-related companies by using fake job offers and trojanized open-source software to side-load malicious DLLs and deploy the ScoringMathTea RAT; the report includes execution-chain analysis, numerous IOCs (file hashes, C2 domains and IPs), and MITRE ATT&CK mappings, and assesses the activity as likely aimed at stealing UAV-related intellectual property to support North Korea’s drone efforts.