Monday, April 6, 2026
North Korean Hackers Targeted Axios Dev in Sophisticated Supply Chain Attack via Fake Teams Update

North Korean threat actors compromised an Axios developer’s account via social engineering, injecting malicious code into npm packages in a supply chain attack. The attack lasted three hours before discovery, exposing systems to remote access trojans.

Business | By Robert Kingsley | 1d ago | 6 min read

Last updated: April 6, 2026, 9:01 AM


The maintainers of the widely used Axios HTTP client have revealed how North Korean hackers executed a sophisticated supply chain attack by compromising a developer’s account through a months-long social engineering campaign. The attackers impersonated a legitimate tech company, lured the maintainer into a fake Slack workspace, and tricked them into installing malware disguised as a Microsoft Teams update. Once inside, the hackers published two malicious versions of Axios to the npm registry—versions 1.14.1 and 0.30.4—which contained a hidden dependency, plain-crypto-js, that installed a remote access trojan (RAT) on macOS, Windows, and Linux systems.

How the North Korea-Backed UNC1069 Group Orchestrated the Axios Supply Chain Attack

Google’s Threat Intelligence Group (GTIG) has traced the Axios attack to UNC1069, a financially motivated North Korean threat actor active since at least 2018. According to GTIG’s analysis, the attackers used WAVESHAPER.V2, an updated version of a previously documented toolkit associated with UNC1069. The group has a history of targeting cryptocurrency firms and other high-value sectors, often deploying payloads such as backdoors, downloaders, and infostealers to steal credentials, browser data, and session tokens.

The Axios incident follows a broader pattern of supply chain attacks that exploit the trust placed in widely used open-source libraries. By compromising a single developer account—particularly one with elevated privileges—the attackers were able to inject malicious code into releases that would be automatically downloaded by thousands of applications. This method bypasses traditional security controls because the malicious payload is introduced through a trusted dependency rather than direct code modification.

The Social Engineering Playbook: From Fake Slack to Fake Teams Update

The attack began weeks before the malicious Axios releases when the threat actors targeted Jason Saayman, the lead maintainer of Axios, through a meticulously crafted social engineering campaign. The attackers created a convincing replica of a legitimate company’s branding, including cloned websites, fake LinkedIn profiles of executives, and a Slack workspace designed to mimic the real company’s internal communications. Saayman described the workspace as having realistic channels with staged activity, including posts that appeared to originate from the company’s verified LinkedIn account.

“They then invited me to a real Slack workspace. This workspace was branded to the company’s CI and named in a plausible manner. The Slack was thought out very well, they had channels where they were sharing LinkedIn posts, the LinkedIn posts I presume just went to the real company’s account but it was super convincing etc. They even had what I presume were fake profiles of the team of the company but also a number of other OSS maintainers.” — Jason Saayman, lead maintainer of Axios

After establishing credibility in the Slack workspace, the attackers scheduled a Microsoft Teams meeting with Saayman and other alleged participants. During the call, a technical error message appeared, falsely claiming that the user’s system was out of date and required an immediate update to Microsoft Teams. The installer, however, was not a legitimate update but a remote access trojan (RAT) that granted the attackers full control over Saayman’s device. With access to the developer’s authenticated session, the hackers were able to retrieve npm credentials for the Axios project and publish the malicious packages.

The Malicious Axios Releases: What Was Injected and How It Spread

The malicious Axios versions, 1.14.1 and 0.30.4, were live on the npm registry for approximately three hours before being removed. During that window, any system that installed these versions would have automatically pulled the plain-crypto-js dependency, which acted as a dropper for the RAT. Security experts warn that even a brief exposure period can lead to widespread compromise, particularly in environments where automated dependency updates are enabled.

Unlike traditional malware that modifies source code, this attack relied on injecting a malicious dependency into otherwise legitimate releases. This technique is particularly insidious because it leverages the trust developers place in package managers like npm. Once installed, the RAT could exfiltrate sensitive data, establish persistent access, or serve as a foothold for further attacks within the organization.
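For teams checking whether a project pulled in the compromised releases, the following added example (not code from the article, the Axios project, or GTIG) scans an npm lockfile for the two malicious axios versions and the plain-crypto-js dropper dependency named above. It handles both lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages" map); the sample lockfile is constructed, and the plain-crypto-js version in it is a placeholder, not a value from the report.

```javascript
// Indicators taken from the report: the two malicious axios releases and the
// hidden dependency that acted as the RAT dropper.
const MALICIOUS_AXIOS = new Set(["1.14.1", "0.30.4"]);
const DROPPER_NAME = "plain-crypto-js";

// lockfile v2/v3 keys are install paths, e.g.
// "node_modules/foo/node_modules/@scope/bar" -> "@scope/bar".
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Returns one finding per matching entry: { name, version, where, reason }.
// "where" is the install path (v2/v3) or the dependency chain (v1).
function findCompromised(lock) {
  const findings = [];
  const check = (name, version, where) => {
    if (name === "axios" && MALICIOUS_AXIOS.has(version)) {
      findings.push({ name, version, where, reason: "malicious axios release" });
    } else if (name === DROPPER_NAME) {
      findings.push({ name, version, where, reason: "RAT dropper dependency" });
    }
  };
  if (lock.packages) {
    // v2/v3: flat map; the "" key is the root project itself, skip it.
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path !== "") check(nameFromPath(path), meta.version, path);
    }
  } else if (lock.dependencies) {
    // v1: nested tree, so recurse and record the chain that pulled it in.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const where = `${prefix}${name}`;
        check(name, meta.version, where);
        if (meta.dependencies) walk(meta.dependencies, `${where} > `);
      }
    };
    walk(lock.dependencies, "");
  }
  return findings;
}

// Constructed v3 lockfile fragment: a clean lodash beside the compromised
// axios; the plain-crypto-js version is a placeholder, not from the report.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/lodash": { version: "4.17.21" },
    "node_modules/axios": { version: "1.14.1" },
    "node_modules/axios/node_modules/plain-crypto-js": { version: "0.0.0-placeholder" },
  },
};
```

Run it against a real `package-lock.json` by parsing the file with `JSON.parse` and passing the object to `findCompromised`; an empty result only means these specific indicators are absent, not that the tree is clean.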

Coordinated Campaign Targets Multiple Open Source Maintainers

The Axios attack was not an isolated incident. Cybersecurity firm Socket reported that the same threat actors launched a coordinated campaign targeting maintainers of other high-impact Node.js projects, including contributors to the Mocha testing framework and Node.js core itself. These maintainers are responsible for packages with billions of weekly downloads, making them prime targets for supply chain attacks.

Pelle Wessman, a maintainer of the Mocha framework and other popular open-source projects, confirmed he was targeted in the same campaign. Wessman shared a screenshot of a fake RTC connection error message designed to trick users into installing malware. When he refused, the attackers attempted to convince him to run a curl command to download and execute a payload. After his refusal, the threat actors abruptly ended the conversation and deleted all traces of their interactions.

“When it became clear that I wouldn’t run the app and we had chatted back and forth on website and chat app they made one final desperate attempt and tried to get me to run a curl command that would download and run something, then when I refused they went dark and deleted all conversations.” — Pelle Wessman, maintainer of Mocha and other open-source projects

Socket’s researchers noted that the campaign followed a consistent pattern: initial contact via LinkedIn or Slack, invitation to a private workspace, relationship-building, and then a video call during which an error message prompted the installation of fake updates or the execution of suspicious commands. The uniformity of tactics across multiple targets suggests a highly organized and scalable operation.

Why Supply Chain Attacks Are Becoming More Common and Dangerous

Supply chain attacks have surged in recent years as attackers recognize the potential for massive impact with minimal effort. By compromising a single dependency or developer account, threat actors can infect thousands of downstream applications and systems. The Axios incident highlights how social engineering—particularly attacks that exploit trust and urgency—remains one of the most effective vectors for gaining initial access.

The rise of automated dependency management in modern software development has further amplified the risk. Tools like npm and pip automatically pull updates, meaning that a compromised package can spread rapidly without any manual intervention. This underscores the need for organizations to implement robust security practices, including dependency scanning, multi-factor authentication (MFA) for critical accounts, and regular credential rotation.

What the Axios Team Did to Mitigate Damage and Prevent Future Attacks

In response to the breach, the Axios maintainers took immediate action to contain the damage. They wiped all affected systems, reset every credential associated with the project, and implemented additional safeguards to prevent similar incidents in the future. These measures included stricter access controls, enhanced monitoring for suspicious activity, and a review of all third-party integrations.

The maintainers also emphasized that the attack did not involve modifications to the Axios source code itself. Instead, the malicious payload was delivered through a compromised dependency, which is often harder to detect than overt code changes. This distinction is critical for developers and security teams when investigating supply chain incidents.

Key Takeaways: What Developers and Organizations Need to Know

  • North Korean threat actor UNC1069 executed a supply chain attack on Axios by compromising a developer’s account through social engineering, resulting in two malicious npm releases (1.14.1 and 0.30.4) that contained a RAT.
  • The attack lasted only three hours but exposed systems to remote access trojans capable of bypassing MFA and stealing sensitive data.
  • The threat actors used a multi-stage social engineering playbook, including fake Slack workspaces and fake Microsoft Teams error messages to deliver malware.
  • This campaign targeted multiple high-impact open-source maintainers, indicating a coordinated effort to infiltrate the software supply chain.
  • Organizations must adopt stronger security measures, such as dependency scanning, credential rotation, and MFA enforcement, to mitigate the growing risk of supply chain attacks.

The Broader Threat Landscape: North Korea’s History of Cyber Operations

North Korea has long used cyber operations to fund its regime, often targeting financial institutions, cryptocurrency exchanges, and critical infrastructure. The UNC1069 group, in particular, has been active since at least 2018 and is known for its use of sophisticated social engineering tactics and custom malware toolkits. Previous campaigns attributed to this group have involved the deployment of infostealers like AppleJeus and other malware designed to siphon funds or extract sensitive data.

The Axios attack demonstrates how nation-state actors are increasingly focusing on the software supply chain as a means to achieve strategic objectives. By compromising widely used open-source libraries, these groups can inflict economic damage, steal intellectual property, or gain a foothold in targeted organizations with minimal risk of direct attribution.

Best Practices for Protecting Against Supply Chain Attacks

To defend against supply chain attacks like the one targeting Axios, organizations and developers should adopt a multi-layered security strategy. This includes:

Secure Development Practices

Developers should minimize the use of third-party dependencies where possible and regularly audit their projects for outdated or vulnerable packages. Tools like npm audit, Snyk, and Dependabot can help identify and remediate known vulnerabilities in dependencies. Additionally, developers should use signed commits and verify the integrity of packages before installation.

Robust Authentication and Access Controls

Critical accounts, such as those used to publish packages or manage repositories, should be protected with multi-factor authentication (MFA) and role-based access controls. Credentials should be rotated frequently, and developers should avoid using the same passwords or tokens across multiple services. The Axios attack underscored how compromised credentials can lead to catastrophic breaches.

Monitoring and Incident Response

Organizations should implement continuous monitoring for unusual activity, such as unexpected dependency updates or unauthorized access to repositories. Automated tools can help detect anomalies, but human oversight is essential for investigating potential breaches. In the event of a compromise, a rapid response plan should include isolating affected systems, revoking compromised credentials, and conducting a thorough forensic analysis.

Frequently Asked Questions About the Axios Supply Chain Attack

What is a supply chain attack and why is it dangerous?
A supply chain attack occurs when threat actors compromise a third-party vendor, library, or service to distribute malware to downstream users. These attacks are dangerous because they exploit trust in legitimate software, making them hard to detect and capable of infecting thousands of systems simultaneously.
How did the North Korean hackers compromise the Axios developer’s account?
The attackers used a sophisticated social engineering campaign that involved impersonating a legitimate tech company, creating a fake Slack workspace, and tricking the developer into installing malware disguised as a Microsoft Teams update during a video call.
What should I do if I installed the malicious Axios versions (1.14.1 or 0.30.4)?
If you installed either version, your system may be compromised. Immediately rotate all credentials associated with your npm account, scan your system for malware, and consider revoking any session tokens or API keys that may have been exposed.
Robert Kingsley

Business Editor

Robert Kingsley reports on markets, corporate news, and economic trends for the Journal American. With an MBA from Wharton and 15 years covering Wall Street, he brings deep expertise in financial markets and corporate strategy. His reporting on mergers and market movements is followed by investors nationwide.
