The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Several NATO websites suffer a cyber attack
February 13, 2023
Several NATO websites have suffered a computer attack on Sunday night, leaving the NATO Special Operations Headquarters website, among others, temporarily inoperative. “NATO cyber experts are actively dealing with an incident affecting some NATO websites. NATO deals with cyber incidents on a regular basis, and takes cyber security very seriously,” an Atlantic Alliance official told DPA ...
- Cloudflare blocks record-breaking 71 million RPS DDoS attack
February 13, 2023
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. The attacks were launched using over 30,000 IP addresses from multiple cloud providers against various targets, including gaming providers, cloud computing platforms, cryptocurrency firms, and hosting providers. Read more… Source: Bleeping Computer
- Play Ransomware lists A10 Networks on its leak site
February 11, 2023
The Play ransomware group listed networking firm A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber. BetterCyber notes that the leak site claims the group has “private and personal confidential data, a lot of technical documentation, agreements, employee and client documents.” Read more… Source: GovInfoSecurity
- Ransomware crooks steal 3m+ patients’ medical records, personal info
February 11, 2023
Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, ...
- #StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities
February 10, 2023
CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North ...
- City of Oakland systems offline after ransomware attack
February 10, 2023
The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. The attack has not affected core services, with the City saying that 911 dispatch and fire and emergency resources are all working as ...