Hackers target behind-the-scenes software
Hackers associated with North Korea hacked the behind-the-scenes software that operates various online functions to steal login credentials that could trigger cyber operations, according to Google.
Threat actors hacked Axios, a program that links apps and web services, by installing their malicious software in an update. An expert at Sentinel said that “Every time you load a website, check your bank balance, or open an app on your phone, there’s a good chance Axios is running somewhere in the background making that work.”
About the compromised software
The malicious software has been removed. Had it been successful, it could have been used to carry out data theft and other cyberattacks. The compromised software is open-source, not a proprietary commercial product. This means the code is openly licensed and can be changed by its users.
Experts described the incident as a supply chain attack in which hackers could compromise downstream entities. According to experts, you don’t have to click anything or make a mistake, as the software you trust does it for you.
Who is responsible?
Google attributed the hack to a group it tracks as UNC1069. In a February report, Google stated that the group has been active since at least 2018 and is well-known for focusing on the banking and cryptocurrency sectors.
According to a statement from John Hultquist, principal analyst for Google’s threat intelligence group, “North Korean hackers have deep experience with supply chain attacks, which they primarily use to steal cryptocurrency.”
The U.S. government claims that North Korea uses stolen cryptocurrency to finance its weapons and other initiatives while avoiding sanctions.
Attack tactic
A request for comment was not immediately answered by North Korea’s mission to the United Nations.
The hackers created versions of the malware that could infect macOS, Windows, and Linux operating systems, according to an analysis published by cybersecurity firm Elastic Security.
According to Elastic, “the attacker gained a delivery mechanism with potential reach into millions of environments” as a result of the hackers’ techniques. The number of times the dangerous program was downloaded was unclear.
Attempts to get in touch with the hackers failed.