The U.S. Department of Justice is targeting over $7.74 million in crypto and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. Accused of exploiting remote IT contracting to evade U.S. sanctions, North Korean IT workers are believed to have used fake identities to work in U.S. crypto companies. The operation involved recruiting facilitators to run laptop farms worldwide, and laundering proceeds through various accounts. These funds are suspected to have been sent back to the North Korean government.
FIN7-linked threat group impersonates 7-Zip, software updates
GrayAlpha, a cybercrime group related to threat actor FIN7, is imitating websites such as 7-Zip to distribute the NetSupport remote access trojan (RAT). The Insikt
