North Korea Hackers Suspected Of Attack On Widely Used Software Tool

Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, Google analysts and other cybersecurity experts said Wednesday. 

The cyberattack on a technical tool called Axios, which has tens of millions of weekly downloads by developers, could have far-reaching implications. 

A Google Threat Intelligence blog post said the impact of the attack "by North Korea-nexus actors" is "broad and has ripple



effects" as other popular packages rely on Axios.

"Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks." That could enable further cyberattacks including ransomware, extortion and cryptocurrency theft, it said.

Google on Wednesday described Axios as "the most popular JavaScript library used to simplify HTTP requests" -- a behind-the-scenes part of computer programming targeted in the so-called "supply chain attack".