(Adnkronos) – Alleged North Korean hackers reportedly inserted a flaw into software used by thousands of US companies. CNN reports this, citing security experts, who say the problem could take months to resolve. Experts investigating the cyberattack stated that the hackers’ goal was to steal cryptocurrencies and finance the North Korean regime, which often uses stolen money for its nuclear and missile programs. Yesterday morning, for three hours, Pyongyang-linked hackers gained access to the account of a software developer who manages the open-source software known as Axios. The hackers exploited this access to send malicious updates to all organizations that had downloaded the software during that period, triggering a race against time by the developer to regain control of their account and by cybersecurity officials across the country to assess the damage.
Companies in almost every sector of the economy, from healthcare to finance, use Axios to simplify the creation and management of their websites. Some cryptocurrency companies and technology firms active in this area also use the software. Mandiant, a cyber intelligence company owned by Google, stated that the responsibility is attributable to an alleged North Korean hacker group. “We anticipate they will attempt to leverage the credentials and system access recently gained in this software supply chain attack to target and steal cryptocurrencies from companies,” Charles Carmakal, Mandiant’s CTO, told CNN. “It will likely take months to assess the impact.”
