CrowdStrike's Adam Meyers on the rise of AI-era supply chain attacks and North Korea's crypto theft operation

Summary

Adam Meyers, head of counter adversary operations at CrowdStrike, argues that AI-era software development has quietly become the most exposed surface in cybersecurity — not because AI is being weaponized directly, but because it accelerates the conditions that make supply chain attacks so effective.

The structural problem

Vibe coding and agentic tools like Claude Code pull down npm and PyPI libraries automatically, at speed, without developers seeing what they're loading. The result is that codebases are being assembled from components nobody has read. Meyers puts it plainly: libraries trusted for years can be updated overnight with malicious code, and most developers won't notice until something breaks. Axios, for reference, is downloaded roughly 100,000 times per week — the blast radius of a single compromised package is enormous.

The shift from SolarWinds-style attacks to the current wave is instructive. SolarWinds involved infiltrating a CI/CD pipeline to corrupt software at build time — sophisticated, slow, and targeted. What CrowdStrike is tracking now is cruder but faster: attackers phish individual developers, steal their npm or PyPI credentials, and push malicious updates directly. Git tag manipulation can hide the change so the redirect isn't obvious until execution.

Two groups have claimed credit for recent incidents — Team TCP and Team PCP — and are apparently disputing attribution publicly in their own channels. The more significant case, the Axios supply chain attack, CrowdStrike attributes to Stardust Chollima, a North Korean group the firm has tracked since 2015.

North Korea's crypto funding model

North Korea's motivation here is straightforward: cryptocurrency is liquid, pseudonymous, and directly useful for procuring weapons materials. The group stole $1.46 billion in a single attack against a cryptocurrency firm last year, and has been systematically stealing crypto since 2016, with total losses now running into the billions. Supply chain attacks targeting blockchain developers and DAOs are a deliberate strategy — compromise the toolchain of people handling crypto wallets, and the funds flow directly into the weapons program. Meyers notes this is cleaner than data theft, which requires auctioning credentials on underground markets before realizing any value.

The defense layer

Mandating that every developer read every line of AI-generated code and every library dependency isn't realistic. Meyers' argument is that endpoint and build-time behavioral detection is where the practical defense sits. A library loading base64-encoded blobs and decoding them at runtime is detectable as suspicious behavior regardless of whether any human reviewed the source. CrowdStrike's position is that security tooling needs to operate at the execution layer, not rely on the honor system of code review.

For individual developers, Meyers is blunt: identity is the attack surface. Secure your accounts with hardware-based MFA — not SMS, which is vulnerable to SIM swapping — and use distinct passwords across services. Voice-based phishing of help desks has risen by hundreds of percentage points, with attackers calling support lines, providing a supervisor name and office location, and getting credentials reset without ever touching a keyboard.

The broader implication is a coming low-trust era for software. The assumption that an npm package, a Chrome extension, or a Google-authenticated app is safe to install is eroding — and for developers who ship code that touches real assets, the personal attack surface now includes side projects and home tooling, not just enterprise systems.