Crypto Heist: Thousands Of US Companies Targeted By North Korean Hackers

Thousands of US companies have been targeted by North Korean hackers who allegedly bugged a software package that could take months for the firms to recover from, CNN quoted security experts.

According to CNN, for three hours on Tuesday the Pyongyang-linked hackers had access to the account of a software developer who manages the open-source software known as Axios. The hackers reportedly used the access to send malicious updates to organisations downloading the software at that time.

It is important to note that US companies of almost ever sector use Axios to simplify building and managing their websites.

Also Read: North Korea Hacked Emails of South Korean President’s Aide: Here’s When and What Was Leaked

CNN quoted Mandiant, a cyber-intelligence

firmed owned by Google, confirming that a suspected North Korean hacking group was responsible.

CNN quoted experts saying that a long-term campaign is expected to steal cryptocurrency to fund the North Korean regime, which often spends such stolen money on its nuclear and missile programmes.

Also Read: North Korean Hackers Stole $721 Million in Cryptocurrency from Japan – Nikkei

“We anticipate they will try to leverage the credentials and system access they recently obtained in this software supply chain attack to target and steal cryptocurrency from enterprises,” said Charles Carmakal, Mandiant’s chief technology officer. “It will likely take months to assess the downstream impact of this campaign.

However, this incident is not the first. In past several years, United Nations and private firms have reported that North Korean hackers have stolen billions of dollars from banks and cryptocurrency firms.

In 2023, a White House official said that about half of North Korea’s missile programme is funded by such digital heists.

According to CNN, North Korean hackers stole $1.5 billion in cryptocurrency last year in a single attack in what was then the largest crypto hack on record.