A new cyber campaign targeting aerospace and defense professionals began this spring by a threat group linked to North Korea, the cyber security firm McAfee said on Thursday.
McAfee’s Advanced Threat Research team has been tracking the campaign by Hidden Cobra, the North Korean-linked group, since April, saying it is using similar tactics, techniques and procedures against the aerospace and defense industries as it did in cyber espionage efforts in 2017 and 2019.
McAfee says the latest activity under what it calls Operation North Star was observed in mid-June. The aim is to steal sensitive information from aerospace and defense professionals using job recruiting emails and attachments to the emails.
Job postings mention work for U.S. defense programs and groups, including the F-22 fighter, Defense, Space and Security, photovoltaics for space solar cells, Aeronautics Integrated Fighter Group, and military aircraft modernization programs. Job postings include senior design engineer and system engineer.
“The campaign’s objective is to collect information from individuals connected to the industries in the job descriptions,” the McAfee report says.