Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, Google analysts and other cybersecurity experts said Wednesday. A Google Threat Intelligence blog post said the impact of the attack "by North Korea-nexus actors" is "broad and has ripple effects" as other popular packages rely on Axios. A UN panel estimated in 2024 that North Korea had stolen more than $3 billion in cryptocurrency since 2017. In one example, Elastic Security Labs also said it suspected a "DPRK-linked threat cluster", using the initials of North Korea's official name. Computer programmers use Axios to send requests to servers, allowing software to connect to the web, according to Bloomberg.
