The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- ACSC Ransomware Profile – Royal
January 24, 2023
The Australian Cyber Security Centre (ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and ...
- Vice Society Ransomware Group Targets Manufacturing Companies
January 24, 2023
The Vice Society ransomware group made headlines in late 2022 and early 2023 during a spate of attacks against several targets, such as the one that affected the rapid transit system in San Francisco. Most reports have the threat actor focusing its efforts on the education and the healthcare industries. However, through Trend Micro’s telemetry data, ...
- New wave of attacks use ProxyNotShell/OWASSRF vulnerabilities to target Microsoft Exchange
January 24, 2023
Researchers at S.C. Bitdefender SRL today warned of a new wave of attacks using known vulnerabilities to target Microsoft Exchange. The researchers started to notice an increase in attacks using ProxyNotShell/OWASSRF exploits to target on-premises Microsoft Exchange deployments at the end of November. The Server-Side Request Forgery attacks allow an attacker to send a crafted request ...
- LastPass owner GoTo says hackers stole customers’ backups
January 24, 2023
LastPass’ parent company GoTo – formerly LogMeIn – has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party ...
- Hackers use Golang source code interpreter to evade detection
January 24, 2023
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage attacks against organizations in East Asia. The attacks are tracked by SentinelLabs, whose researchers report that DragonSpark relies on a little-known open-source tool called SparkRAT to steal sensitive data from compromised systems, execute commands, perform lateral ...
- Apple fixes actively exploited iOS zero-day on older iPhones, iPads
January 23, 2023
Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. This bug is tracked as CVE-2022-42856, and it stems from a type confusion weakness in Apple’s Webkit web browser browsing engine. Read more… Source: Bleeping Computer