A significant supply-chain attack attributed to suspected North Korean hackers involves a widely-used software package, Axios, utilized by thousands of US companies across various sectors, including finance and health care. Security experts warn that the repercussions may last for months as organizations assess the extent of the breach.
The attack occurred on Tuesday morning, during which the hackers had access to a developer's account for approximately three hours. They exploited this access to distribute malicious updates to users who had downloaded Axios within that timeframe. As a result, cybersecurity teams nationwide are now working diligently to evaluate the damage and regain control.
Mandiant, a cyber-intelligence firm owned by Google, reports that the hackers will likely attempt to utilize the stolen credentials to target cryptocurrency firms, aiming to finance North Korea's missile and nuclear programs. Initial findings reveal around 135 compromised devices across 12 companies, indicating that the actual number of affected organizations may be much higher.
This incident marks the latest in a series of supply-chain attacks linked to North Korean operatives, who have previously targeted software providers used by various industries, emphasizing the ongoing threat posed by the nation’s hacking initiatives.