Lazarus APT targeted employees at an unnamed nuclear-related organization

The North Korea-linked Lazarus Group targeted employees of a nuclear-related organization in January 2024 as part of their cyber espionage campaign, Operation Dream Job. The attack involved a complex infection chain using multiple types of malware, including CookieTime, which was used to download payloads and evade detection. Lazarus utilized compromised WordPress web servers as command and control infrastructure for the campaign.