North Korean Hackers Target US Companies in Supply-Chain Attack for Cryptocurrency Theft

Q: How much cryptocurrency has North Korea stolen in the past?

North Korean hackers have reportedly stolen **$1.5 billion** in cryptocurrency in a single attack, which was the largest crypto hack on record.

Original: North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt

Cnn•Apr 1, 20263 min

In a Nutshell

Suspected North Korean hackers have compromised a software package used by thousands of US companies in a supply-chain attack aimed at stealing cryptocurrency. The incident raises concerns about the potential funding of North Korea's nuclear and missile programs through stolen digital assets.

Key Points

01North Korean hackers accessed a software developer's account for three hours, sending malicious updates.
02The Axios software, used across various sectors, is now a target for cryptocurrency theft.
03Experts predict a long-term campaign to exploit the hack, affecting many organizations.
04North Korea has previously conducted similar attacks, stealing billions from banks and crypto firms.
05The hack highlights vulnerabilities in the software supply chain, particularly with AI development.

In-Article Ad

Full Summary

Security experts have reported that suspected North Korean hackers have compromised a widely-used software package, Axios, in a significant supply-chain attack. For three hours on Tuesday, the hackers accessed the account of a software developer managing Axios, which is utilized by thousands of US companies across various sectors, including health care and finance. During this time, they sent out malicious updates, prompting a nationwide response to assess the damage. Cybersecurity firm Mandiant indicated that the hackers are likely to leverage their access to target cryptocurrency firms, potentially funding North Korea's nuclear ambitions. This incident is part of a broader trend of North Korean cyberattacks, which have previously resulted in the theft of billions of dollars from financial institutions. Experts warn that the full impact of this attack may not be known for months, with initial findings revealing at least 135 compromised devices across 12 companies. The attack underscores the vulnerabilities in software supply chains, especially as organizations increasingly adopt AI technologies without adequate oversight.

Key Figures

135

Compromised devices identified

$1.5 billion

Amount stolen in the largest crypto hack by North Korea

In-Article Ad

Why It Matters

This attack could lead to significant financial losses for affected companies and raise concerns about the security of software supply chains, particularly for those involved in cryptocurrency.

Who is affected

Companies using Axios, particularly in the cryptocurrency sector, as well as their clients and stakeholders.

What to know

Organizations should review their cybersecurity protocols and assess their use of Axios to mitigate potential risks.

FAQ

Axios is an open-source software package used by thousands of US companies to build and manage websites, making it a critical tool across various sectors.

North Korean hackers have reportedly stolen $1.5 billion in cryptocurrency in a single attack, which was the largest crypto hack on record.

Read the original article →