North Korea-linked hackers carried out a major supply chain attack

[noumoe]

North Korea-linked hackers carried out a major supply chain attack by infiltrating Axios, a widely used JavaScript library downloaded tens of millions of times weekly that silently powers websites, apps, and online banking functions.

The hackers compromised a developer's account and pushed malicious updates for roughly three hours on Monday before being stopped, potentially exposing thousands of companies to credential theft.

Google attributed the attack to a North Korean group tracked as UNC1069, known for targeting cryptocurrency and finance firms. Security firm Huntress has already identified around 135 compromised devices across roughly 12 companies, with experts warning the full scope could take months to assess.

Mandiant's CTO stated the group is expected to leverage stolen credentials to steal cryptocurrency — a key revenue stream for Pyongyang's nuclear and missile programs.

North Korean hackers have stolen billions in crypto in recent years, including $1.5 billion in a single attack last year.

https://www.reuters.com/sustainability/ ... 026-03-31/