North Korea's hijack of one of the web's most used open source projects was likely weeks in the making | TechCrunch

"The hijacking of the Axios project on March 31 was in part successful because it relied on well-resourced hackers building rapport and trust with their intended target over a long period of time to increase their odds of a successful eventual compromise."
"By posing as a real company, creating a realistic-looking Slack workspace, and using fake profiles of its employees to build credibility, the suspected North Korean hackers then invited him into a web meeting that prompted him to download malware masquerading as an update necessary to access the call."
"After compromising and gaining remote access to Saayman's computer, the hackers then released the malicious updates to the Axios project."
"The two malicious Axios packages, pulled some three hours after they were first published on March 31, may have still infected thousands of systems during that window."
A North Korean cyberattack targeted the Axios project, successfully hijacking it after weeks of preparation. Hackers built trust with developers, ultimately gaining control of a computer to push malicious code. The attack involved creating a fake company and Slack workspace to lure the developer into downloading malware. The incident underscores the security challenges faced by open source projects, which government hackers and cybercriminals compromise to access millions of devices worldwide. The malicious updates may have infected thousands of systems before being removed.
Read at TechCrunch