North Korean hackers allegedly hit U.S. firms in supply-chain attacks to steal cryptocurrency for the regime’s nuclear funding, according to a report published Tuesday.

Are North Korean Hackers Chasing Crypto?

The hackers reportedly targeted Axios, a software program that connects applications and ‌web services, according to CNBC. The hackers controlled the software developer’s account for three hours on Tuesday morning, during which malicious updates were sent to organizations that downloaded the software.

Axios is also used by cryptocurrency firms, blockchain developers and tech firms active in the cryptocurrency industry.

Security experts told CNBC that this could be part of a “long-term campaign” by the North Korean regime to steal cryptocurrency, which is then used to fund their nuclear and missile programs.

Google Threat Intelligence Group also detected suspected attempts to steal cryptocurrency.

“This could enable further software supply chain attacks, software as a service environment compromises, ransomware and extortion events, and cryptocurrency theft over the near term,” according to an in-depth incident analysis.

Google Threat Intelligence Group attributed the hack to a “financially motivated North Korea-nexus threat actor.”

A Sinister Plot?

This incident is not an isolated event but part of a larger pattern of North Korean attacks to pilfer cryptocurrency.

In 2025, hackers from the Hermit Kingdom stole $2.02 billion in cryptocurrency, up 51% from the previous year’s haul, cementing it as the worst year yet for such attacks, according to Chainalysis.

Countries including the U.S., Japan, and South Korea have raised concerns over North Korea’s ability to support its nuclear and missile programs through cybercrime. As of October, North Korean IT agents were reported to have funneled $1 billion into Kim Jong-un‘s nuclear program.

Disclaimer: This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.