North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

A North Korean cyberattack that last Monday briefly hijacked one of the most widely used open source projects on the web took weeks to carry out as part of a long-running campaign to target the code’s top developers.

The hijacking of the Axios project on March 31 was in part successful because it relied on well-resourced hackers building rapport and trust with their intended target over a long period of time to increase their odds of a successful eventual compromise. This kind of hack highlights the security challenges that developers of popular open source projects can face, at a time when government hackers and cybercriminals alike are targeting widely used projects for their ability to access, in some cases, millions of devices worldwide.

Jason Saayman, who maintains the popular Axios project that developers use to connect their apps to the internet, provided a postmortem with a timeline of the hack. He shared that the hackers began their targeting campaign around two weeks before eventually gaining control of his computer to push out malicious code.

Read more at TechCrunch