North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making
TechCrunch·6h ago·Fear
What Happened
North Korean hackers compromised Jason Saayman, maintainer of the widely-used Axios open source project, on March 31. The attackers spent weeks building trust through fake companies and employee profiles before tricking him into downloading malware during a fake web meeting. Two malicious Axios packages were published and pulled within three hours, potentially infecting thousands of systems. The compromise could have exposed developers' private keys, credentials, and passwords.
Key Entities
North KoreaAxios projectJason Saaymanopen sourcecyberattackMarch 31malwaresocial engineering