US EditionSuspected North Korean Hackers Compromise Axios Package in Supply-Chain Attack
The malicious updates could expose credentials and downstream systems, and researchers said the package is downloaded more than 100 million times a week.
- Suspected North Korean hackers compromised the software package Axios on Tuesday, gaining control of a developer's account for three hours and pushing malicious updates to thousands of companies.
- Pyongyang relies on digital heists to fund nuclear and missile programs, a tactic the regime employed three years ago when infiltrating another popular software provider used by healthcare and hotel firms.
- John Hammond, security researcher at Huntress, identified about 135 compromised devices belonging to roughly 12 companies, describing the hack as "perfectly timed" given AI agents developing software without review.
- "We anticipate they will try to leverage the credentials," Charles Carmakal, Mandiant chief technology officer, warned, as experts expect recovery will take months while attackers target cryptocurrency assets.
- High-Profile, noisy operations are a price Pyongyang is willing to pay because the regime is not worried about its international reputation, Ben Read, director of strategic threat intelligence at Google-owned Wiz, noted.
64 Articles
64 Articles
" Hundreds of thousands of stolen secrets may be circulating as a result of these recent attacks," says Google, warning that there may be more stealths of cryptomouses and 'ransomware' attacks.
North Korean Hackers Linked To Major Security Breach In Suspected Crypto Theft Attempt
North Korean hackers allegedly hit U.S. firms in supply-chain attacks to steal cryptocurrency for the regime’s nuclear funding, according to a report published Tuesday. Are North Korean Hackers Chasing Crypto? The hackers reportedly targeted Axios, a software program that connects applications and web services, according to CNBC. The hackers controlled the software developer’s account for three hours on Tuesday morning, during which malicious u…
Hackers slipped a trojan into axios, the code library behind most of the internet. Your team is probably affected
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed infections within 89 seconds. Here's what SOC teams need to do now.
North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt
Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts said Tuesday.
Coverage Details
Bias Distribution
- 74% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
