Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
North Korea’s cyberattack last Monday summarily confiscated one of the most widely used open source projects on the Internet took several weeks to develop as part of a long-running campaign aimed at key code developers.
The hack of the Axios project on March 31 was successful because it relied on hackers to build relationships and trust long-term interests to increase their chances of success. Such hacks highlight the security challenges that developers of popular open source projects can face, at a time when hackers and cybercriminals are targeting widely used projects to gain access to, in some cases, millions of devices worldwide.
Jason Saayman, who maintains the popular Axios project that developers use to connect their software to the Internet, has been offered. post-mortem it’s hack time. He said the attackers began their targeting campaign about two weeks before they began hacking his computer to release malicious code.
By presenting itself as a real company, creating a Slack workplace that looks good, and using fake profiles of its employees to build credibility, Saayman. he said suspected North Korean hackers invited him to an online conference that prompted him to download malware that appeared to be necessary to make the call. Said Saayman he took skill used by North Korean hackers to trick victims into giving hackers away from their system, often stealing their cryptocurrency.
This, Saayman said, was based on old hacks produced by North Korea and security researchers at Google.
After compromising and gaining access to Saayman’s computer, the hackers released malicious updates to the Axios project.
The two negative Axios packages, which were pulled three hours after they were first published on March 31, may have infected thousands of people on the screen, although the full extent of the spread is unclear. Any computer that installed malicious software during this time may have allowed their private keys, certificates, and passwords to be stolen from the computer, which could lead to further compromises.
Saayman did not immediately respond to an email with questions about the incident.
North Korean hackers are still one of the biggest threats to the internet today, due to theft of at least $2 billion in cryptocurrency only in 2025.
Kim Jong Un’s regime is still under international sanctions and is banned from the International Monetary Fund for violating the ban on his nuclear weapons program, which the country finances by launching cyberattacks and stealing cryptocurrencies.
North Korea is they believe they have thousands of organized hackers – many of whom are working against their will under Kim’s oppressive regime. These hackers spend weeks or months conducting complex technical attacks aimed at gaining the trust of, and ultimately earning, stealing cryptocurrencies and data to take away from their victims.
