Software Supply Chain Attacks Cause Surge in Cyber Infiltrations and Data Breaches
Supply Chain Attacks Trigger Wave of Intrusions and Data Theft
In recent months, a series of supply chain attacks has led to a surge in intrusions and data theft, impacting numerous organizations worldwide.
The Axios Supply Chain Attack
These attacks involve compromising popular software packages, such as the Axios JavaScript library, and then using sensitive information stolen in the process to gain unauthorized access to target systems.
Researchers have linked the Axios supply chain attack to North Korean hackers, who have a history of using social engineering tactics to trick victims into installing malware.
The attack resulted in the installation of a remote access Trojan on Windows, macOS, and Linux systems, allowing attackers to perform system reconnaissance and execute additional malicious payloads.
Multiple Instances of Attacks
Google-owned cloud security company Wiz has reported multiple instances of attacks carried out by the same threat actors responsible for the supply chain operations.
The company’s Customer Incident Response Team (CIRT) observed that the stolen credentials and secrets were quickly validated and used to explore victim environments and exfiltrate additional data.
Affected Organizations
- Tech firm OwnCloud has confirmed that it was affected by the Trivy compromise, which temporarily suspended its ability to ship new builds and patches for its software solutions.
- Mercor, which connects human experts with companies building AI, has also acknowledged that it was impacted by the LiteLLM supply chain attack.
Further Investigation
An investigation by Wiz found that the stolen secrets were used to access various cloud environments, including those owned by multiple cloud providers.
The company’s research suggests that the stolen secrets may have been shared among different threat groups, increasing the potential for further software supply chain attacks.
Cyber Extortion Group Claims Responsibility
However, the extent of the impact and breach remains unclear.
