North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

A North Korean cyberattack that last Monday briefly hijacked one of the most widely used open source projects on the web took weeks to carry out as part of a long-running campaign to target the code’s top developers. The hijacking of the Axios project on March 31 was in part successful because it relied on well-resourced hackers building rapport and trust with their intended target over a long period of time to increase their odds of a successful eventual compromise. This kind of hack highlights the security challenges that developers of popular open source projects can face, at a time when government hackers and cybercriminals alike are targeting widely used projects for their ability to access, in some cases, millions of devices worldwide.