North Korea's hijack of one of the web's most used open source projects was likely weeks in the making

TechCrunch business

Key Points:

  • North Korean hackers conducted a weeks-long campaign culminating in the hijacking of the widely used open source Axios project on March 31, briefly pushing malicious updates to thousands of users.
  • The attack involved building trust with Axios maintainer Jason Saayman through fake company profiles and a realistic Slack workspace, eventually tricking him into downloading malware during a web meeting.
  • The hackers gained remote access to Saayman’s computer, enabling them to release malicious code that could steal private keys, credentials, and passwords from infected systems.
  • The malicious Axios packages were removed about three hours after release, but the full extent of the infection and damage remains unclear.
  • North Korean cyberattacks, often linked to cryptocurrency theft to fund the regime’s nuclear program, continue to pose significant global security threats.
