Axios Hack Traced to AI Deepfake Trap - PCMag Australia
Summary
The Axios software package was hacked in an incident traced to a North Korean hacking group, UNC1069, which used AI deepfakes to impersonate company executives in a phishing scheme. Lead developer Jason Saayman revealed that the attackers gained access to his NPM account and PC after tricking him into installing a remote access Trojan during a virtual meeting that featured AI-generated voices and faces. The breach occurred in late 2023 and resulted in a malicious Axios version being distributed for three hours, potentially infecting systems that auto-updated. UNC1069, active since 2018, has targeted cryptocurrency firms and IT companies using similar tactics. Security advisories were issued to mitigate the threat, and the attack highlighted the sophistication of AI-enabled phishing.