The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- University of Iowa Hospitals website possibly hit by cyberattack
February 1, 2023
A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide. UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...
- New Sh1mmer ChromeBook exploit unenrolls managed devices
January 31, 2023
A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. When Chromebooks are enrolled with a school or an enterprise, they are managed by policies established by the organization’s administrators. This allows admins to force-install browser extensions, apps, and to restrict how ...
- CISA Releases One Industrial Control Systems Advisory
January 31, 2023
CISA released one Industrial Control Systems (ICS) advisory on January 31, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Prilex modification now targeting contactless credit card transactions
January 31, 2023
Prilex is a singular threat actor that has evolved from ATM-focused malware into unique modular PoS malware – actually, the most advanced PoS threat Kaspersky have seen so far, as described in a previous article. Forget about those old memory scrapers seen in PoS attacks. Prilex goes beyond these, and it has evolved very differently. This ...
- Exploit released for critical VMware vRealize RCE vulnerability
January 31, 2023
Horizon3 security researchers have released proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. VMware patched four security vulnerabilities in its vRealize log analysis tool last week, two being critical and allowing remote attackers to execute code on compromised devices. Read more… Source: Bleeping Computer
- University of Michigan Health says cyber attack impacted public websites, not patient info
January 30, 2023
Michigan Health officials say its public websites experienced issues due to a cyber attack but claims the issue did not impact patient information. In a statement on Monday, officials say the attack affected a “third-party vendor we use to host some of our sites.” Read more… Source: CBS Detroit News