Axios Hack: Fake Slack + Teams RAT from North Korea

Attackers used AI-assisted fake Slack workspaces and Teams calls to build trust over two to three weeks, then tricked the Axios maintainer into installing a remote access trojan. With that access they published malicious axios versions 1.4.1 and 1.3.4 to npm, which stayed live for about three hours.

Social Engineering Setup Builds False Trust

The attackers cloned a real company's founder profile and branding and built a convincing Slack workspace named after the company's CI system. Its channels mimicked ordinary corporate life, with LinkedIn posts shared around, fake team profiles, and even "OSS maintainers" chatting, all to make the environment feel normal. Engagement was deliberately slow: a meeting was scheduled a week out, then rescheduled another week, so rapport built over two to three weeks instead of being rushed, which lowered suspicion. The workspace looked like any real company Slack; the one tell the speaker jokes about is the volume of LinkedIn sharing. Jason, the Axios maintainer, joined without immediate alarm.

RAT Delivery Masquerades as Legit Update

The trap closed in a Microsoft Teams meeting (the speaker treats a Teams invite as a red flag in itself). With several "participants" on the call, a prompt claimed Jason's system was out of date and urged him to install a Teams-related driver. The "driver" was a Remote Access Trojan (RAT): malware that gives the attacker full hidden control of the machine, including viewing the screen, reading files, and executing commands. Screenshots show the lure mimicking the Teams and Zoom UIs closely, with near-identical links: a real link looks like zoom.us/ID, while the lure used us5web.us/zoom.us/ID, where the host the browser actually connects to is the attacker's us5web.us and the trusted name only appears in the path. Even a savvy user like Jason fell for it, and the speaker admits he would likely have clicked too. After the March 31 compromise, the attackers used the maintainer's access to publish axios 1.4.1 and 1.3.4, adding a dependency, plaincrypto.js, a credential-stealing wrapper around a legitimate crypto library.
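The lookalike link above works because people read the whole string and see "zoom.us", while the browser only cares about the hostname. The following is an added example (not code from the video, the axios project, or the maintainer's write-up) that extracts the host a link would actually connect to and flags links that mention a meeting provider without being hosted by it. The provider list and sample links are constructed for illustration.

```javascript
// Added example, not code from the video or the axios project. It shows why
// "us5web.us/zoom.us/ID" is not a Zoom link: only the hostname a browser
// connects to matters, and here the real provider's domain is in the path.
// The provider list and sample links are constructed for illustration.

const MEETING_HOSTS = ["zoom.us", "teams.microsoft.com"];

// Hostname a browser would actually resolve for this link, or null if the
// link does not parse. A missing scheme is treated as https.
function effectiveHost(link) {
  try {
    const withScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(link) ? link : `https://${link}`;
    return new URL(withScheme).hostname.toLowerCase();
  } catch {
    return null;
  }
}

// True only if host is one of the providers or a subdomain of one.
// Suffix matching with the leading dot rejects "zoom.us.example.com" and
// "notzoom.us" while still accepting "us05web.zoom.us".
function isKnownMeetingHost(host, allowed = MEETING_HOSTS) {
  if (!host) return false;
  return allowed.some((d) => host === d || host.endsWith(`.${d}`));
}

// Classify a link: trusted if its host is a known provider; decoy if a
// provider's domain is visible somewhere in the link but is not the host.
function classifyLink(link, allowed = MEETING_HOSTS) {
  const host = effectiveHost(link);
  const trusted = isKnownMeetingHost(host, allowed);
  const mentionsProvider = allowed.some((d) => link.toLowerCase().includes(d));
  return { link, host, trusted, decoy: !trusted && mentionsProvider };
}

// Constructed samples modelled on the pattern described in the text.
const SAMPLE_LINKS = [
  "https://zoom.us/j/123456789",
  "https://us05web.zoom.us/j/123456789",
  "https://us5web.us/zoom.us/123456789",
  "https://zoom.us.example.com/j/123456789",
  "https://teams.microsoft.com/l/meetup-join/example",
];

for (const link of SAMPLE_LINKS) {
  const r = classifyLink(link);
  console.log(`${r.trusted ? "OK   " : r.decoy ? "DECOY" : "OTHER"} host=${r.host} ${link}`);
}
```

The check is deliberately strict about the dot before the suffix: `zoom.us.example.com` ends with `zoom.us` only as a prefix label, not as the registrable domain, so it is rejected along with the path trick. A link pasted into a chat or shown inside a fake meeting UI should go through something like this before anyone clicks, and any install prompt that follows a meeting link should be refused outright.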

State Ties and Broader Threat Pattern

Google Cloud's threat intelligence blog attributes this pattern to UNC1069, a North Korean actor targeting the cryptocurrency and AI sectors. The group uses AI to clone application UIs, builds lookalike links that put a trusted domain somewhere other than the host, and runs patient, well-staged phishing. The malicious packages were live for roughly three hours; anyone who installed them in that window should check their dependency trees and rotate every credential that was on the affected machine. The GitHub thread had its own drama: Jason detailed the fixes, while a user named "Victor" kept downvoting, which looked suspicious given that he had admitted downloading the fake update himself.

Key Defenses Against Elite Phishing

The speaker's first rule is tongue-in-cheek (refuse Teams, use Zoom or Slack huddles); the serious one is to treat any install prompt that appears inside a meeting as hostile. A meeting client does not need a new driver for you to join a call, and updates should only ever come from the vendor's own site or your OS's package manager, never from a link in the call. A slow, patient relationship is not evidence of legitimacy, so probe the Slack workspace itself: who is really in it, and does the company's real domain own it. For OSS maintainers the lesson is that the weak point was a human, not code: even experts should verify an unexpected collaboration through a second, independent channel before installing anything. After an incident, rotate credentials proactively rather than waiting for proof of theft, and audit lockfiles for the tainted versions.
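Both the "check dependencies" advice above and the "audit npm for tainted versions" step come down to walking the lockfile rather than trusting what a top-level `npm ls` shows. The following is an added example (not code from the video or the axios project) that scans an npm lockfile's `packages` map, including nested copies, for the versions this page names as malicious and for any copy of the dropped dependency. The version list is taken from the summary above and should be confirmed against the npm advisory; the lockfile content is constructed for illustration.

```javascript
// Added example, not code from the video or the axios project. It walks an
// npm lockfile's "packages" map (lockfileVersion 2 or 3) and reports installs
// of the versions the text names as malicious plus any copy of the dropped
// dependency. The version list is taken from the summary above; confirm it
// against the npm advisory before acting on it. The lockfile is constructed.

const SUSPECT = {
  axios: new Set(["1.4.1", "1.3.4"]),
  "plaincrypto.js": null, // null: any version of this package is a finding
};

// Package name from a lockfile path such as
// "node_modules/some-lib/node_modules/axios" or "node_modules/@scope/name".
function packageNameFromPath(lockPath) {
  const parts = lockPath.split("node_modules/");
  return parts[parts.length - 1];
}

// Returns one finding per suspect install, including nested copies that a
// top-level "npm ls" would only show under their parent.
function auditLockfile(lock) {
  const findings = [];
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // root project entry, not a dependency
    const name = meta.name || packageNameFromPath(lockPath);
    if (!Object.prototype.hasOwnProperty.call(SUSPECT, name)) continue;
    const bad = SUSPECT[name];
    if (bad === null || bad.has(meta.version)) {
      findings.push({ name, version: meta.version, path: lockPath });
    }
  }
  return findings;
}

// Convenience for raw file contents, e.g. fs.readFileSync("package-lock.json", "utf8").
function auditLockfileText(text) {
  return auditLockfile(JSON.parse(text));
}

// Constructed lockfile fragment: one direct axios at a flagged version, one
// nested axios at an unflagged version, and the dropped dependency.
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", dependencies: { axios: "^1.4.0", "some-lib": "^2.0.0" } },
    "node_modules/axios": { version: "1.4.1" },
    "node_modules/plaincrypto.js": { version: "1.0.0" },
    "node_modules/some-lib": { version: "2.0.0" },
    "node_modules/some-lib/node_modules/axios": { version: "1.2.0" },
  },
};

const sampleFindings = auditLockfile(SAMPLE_LOCK);
for (const f of sampleFindings) console.log(`FOUND ${f.name}@${f.version} at ${f.path}`);
if (sampleFindings.length) console.log("Rotate every credential that was on this machine.");
```

Run it against a real project by passing the contents of `package-lock.json` to `auditLockfileText`. A hit on the dropped dependency matters more than the axios version itself: it means a postinstall-era payload ran on that machine, so the credentials to rotate are everything that host could reach (npm tokens, cloud keys, SSH keys, session cookies), not only the npm account.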

Video description
https://twitch.tv/ThePrimeagen - I Stream on Twitch
Source: https://github.com/axios/axios/issues/10636#issuecomment-4182134203
https://cloud.google.com/blog/topics/threat-intelligence/unc1069-targets-cryptocurrency-ai-social-engineering
https://twitter.com/terminaldotshop - Want to order coffee over SSH? ssh terminal.shop
Become Backend Dev: https://boot.dev/prime (plus i make courses for them) This is also the best way to support me is to support yourself becoming a better backend engineer.
Great News? Want me to research and create video????: https://www.reddit.com/r/ThePrimeagen
Kinesis Advantage 360: https://bit.ly/Prime-Kinesis

Summarized by x-ai/grok-4.1-fast via openrouter


© 2026 Edge