Lazarus hackers breach aerospace firm with new LightlessCan malware

The North Korean ‘Lazarus’ hacking group used fake job opportunities to infiltrate a Spanish aerospace company’s network utilizing a previously unknown backdoor, labelled ‘LightlessCan’ by investigators from ESET. The hacking campaign, dubbed “Operation Dreamjob”, involved using social engineering through LinkedIn, engaging employees in a fake hiring process that required downloading a file, leading to a security breach.