North Korea Hacks EU Drone Firms in Data Theft Blitz

State-sponsored hackers from North Korea’s Lazarus group have launched a cyberespionage campaign targeting European firms in the unmanned aerial vehicle sector. The operation, which began in March 2025, compromised three defense-related organizations in Central and Southeastern Europe. This marks another development in the series of North Korea hacks targeting EU drone technology.

The attackers used fake job offers and trojanized PDF readers to lure victims, ultimately deploying advanced malware to extract sensitive UAV data. Researchers discovered that infected systems contained a dropper named DroneEXEHijackingLoader.dll, confirming the campaign’s drone focus. The main payload, a remote access trojan called ScoringMathTea, has been in use since 2022 and enables extensive system control.

Lazarus embedded malicious code into trusted open-source software, allowing the malware to spread while avoiding detection. These tactics reflect a broader pattern of North Korea hacks against EU drone development efforts.

Read the full article at:
https://cybersecuritynews.com/north-korean-hackers-attacking-unmanned-aerial-vehicle-industry/