North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt

Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts said Tuesday.

Experts who are responding to the hack told CNN they expect a long-term campaign to steal cryptocurrency to fund the North Korean regime, which often spends such stolen money on its nuclear and missile programs.

For three hours on Tuesday morning, the Pyongyang-linked hackers had access to the account of a software developer who manages the open-source software known as Axios. The hackers used that access to send malicious updates to any organization that downloaded the software during that time, setting off a scramble by the software developer to regain control of his account and by cybersecurity executives across the country to assess the damage.

Companies in just about every sector of the economy, from health care to finance, use Axios to simplify building and managing their websites. Some cryptocurrency firms use the software, as do tech firms active in the crypto industry.

...

About half of North Korea’s missile program has been funded by such digital heists, a White House official said in 2023.

Last year, North Korean hackers stole $1.5 billion in cryptocurrency in a single attack in what was then the largest crypto hack on record.

...

Hammond described the hack as “perfectly timed,” given the adoption of AI agents that develop software at organizations “without any review or guardrails.”

“The whole software supply chain’s biggest weakness has an open door in today’s era where too many people don’t read what gets put in the ingredients anymore,” Hammond told CNN.

https://edition.cnn.com/2026/03/31/politics/north-korea-hacking-crypto