The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- New QBot email attacks use PDF and WSF combo to install malware
April 17, 2023
QBot malware is now distributed in phishing campaigns utilizing PDFs and Windows Script Files (WSF) to infect Windows devices. Qbot (aka QakBot) is a former banking trojan that evolved into malware that provides initial access to corporate networks for other threat actors. This initial access is done by dropping additional payloads, such as Cobalt Strike, Brute ...
- Update now: Google emits emergency fix for zero-day Chrome vulnerability
April 17, 2023
Google on Friday released an emergency update for Chrome to address a zero-day security flaw. The vulnerability, tracked as CVE-2023-2033, can be exploited by a malicious webpage to run arbitrary code in the browser. Thus, surfing to a bad website with a vulnerable browser could lead to your device being hijacked. Exploit code for this hole ...
- Hackers abuse Google Command and Control red team tool in attacks
April 17, 2023
The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media and an Italian job search company. APT 41, also known as HOODOO, is a Chinese state-sponsored hacking group known to target a wide range of industries in the USA, Asia, ...
- Ex-Conti members and FIN7 devs team up to push new Domino malware
April 17, 2023
Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named ‘Domino’ in attacks on corporate networks. Domino is a relatively new malware family consisting of two components, a backdoor named ‘Domino Backdoor,’ which in turn drops a ‘Domino Loader’ that injects an info-stealing malware DLL into the memory ...
- Australians lose record $3.1 billion to scams in 2022
April 16, 2023
Doris McAllister spent her whole life working hard to support herself. So, last year, when the 75-year-old saw an international bank offering a good return on deposits, she decided to transfer her life’s savings of $260,000 across to help secure her retirement. Six weeks later, when she needed to make a withdrawal, she realised she had been ...
- Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
April 16, 2023
In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033, CVE-2023-26496, CVE-2023-26497 and CVE-2023-26498) allowed for Internet-to-baseband remote code execution. Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone ...