Unpacking Axios – 400 million downloads. One Compromised Password
Failed to add items
Add to basket failed.
Add to wishlist failed.
Remove from wishlist failed.
Adding to library failed
Follow podcast failed
Unfollow podcast failed
Unpacking Axios – 400 million downloads. One Compromised Password
-
Narrated by:
-
By:
About this listen
On March 31st, Axios was compromised. Four hundred million monthly downloads. The HTTP library sitting inside almost every web application your clients use, depend on, or have had custom-built for them.
The attacker did not touch a single line of code. They hijacked the maintainer's credentials, slipped in one hidden dependency, and let your clients' own systems install the malware automatically during a routine update. It stole every credential it could find, cleaned up after itself, and left no trace. Three hours. Gone before most people woke up.
That attack did not come out of nowhere. This is the fifth attack in twelve days between TeamPCP and UNC 1069 (North Korea).
We wanted one person on The CyberCall this week: someone who spent two decades at Foundstone, Mandiant, and FireEye investigating exactly how these attacks unfold. This person then built Cylerian to ensure MSPs have the tools to stop them before the 2 a.m. call comes in. This week's special guest is Vijay Akasapu, CEO of Cylerian.