The US has seized 17 website domains used by North Korean IT workers in a scheme targeting US and foreign businesses, aiming to fund the government’s weapons program. According to the US Justice Department, North Korea dispatched these workers, largely to China and Russia, with the aim of deceiving businesses into hiring them as freelancers. The fraudulent workers made millions through this scheme for North Korea. These particular IT workers had been sanctioned by the Department of the Treasury in 2018.

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
The Russian cybercrime group FIN7 is linked to a Python-based backdoor named Anubis, providing them remote access to compromised Windows systems, says Swiss cybersecurity firm