The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company that provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain the trust of victims, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Source: U.S. Federal Bureau of Investigation Cyber Division

