The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- UK Prime Minister, Catalan groups ‘targeted by NSO Pegasus spyware’
April 18, 2022
Citizen Lab has reported finding suspected surveillance software on devices associated with both the UK Prime Minister’s Office and what was formerly called the British Foreign and Commonwealth Office. The Canadian research outfit also said it had identified at least 65 individuals linked with Catalan civil society groups in Spain who were targeted by, or infected ...
- Lazarus Targets Chemical Sector
April 14, 2022
Symantec, a division of Broadcom Software, has observed the North Korea-linked advanced persistent threat (APT) group known as Lazarus conducting an espionage campaign targeting organizations operating within the chemical sector. The campaign appears to be a continuation of Lazarus activity dubbed Operation Dream Job, which was first observed in August 2020. Symantec tracks this sub-set ...
- US Treasury links North Korean hacker group Lazarus to $600M Axie Infinity heist
April 14, 2022
The US Treasury Department on Thursday linked a notorious North Korean hacking group to a massive $600 million cyber breach last month. The connection was clear when the Treasury Department updated its sanctions listing for the hacking group, called Lazarus Group. The federal agency added a cryptocurrency address that was used to steal $600 million from ...
- Coordinated Vulnerability Disclosure policies in the EU
April 13, 2022
Vulnerability disclosure has become the focus of attention of cybersecurity experts engaged in strengthening the cybersecurity resilience of the European Union. The valid source of concern comes from the cybersecurity threats looming behind vulnerabilities, as demonstrated by the impact of the Log4Shell vulnerability. Security researchers and ethical hackers constantly scrutinise ICT systems – both open source ...
- Emotet modules and recent attacks
April 13, 2022
Emotet was first found in the wild in 2014. Back then its main functionality was stealing user banking credentials. Since then it has survived numerous transformations, started delivering other malware and finally became a powerful botnet. In January 2021 Emotet was disrupted by a joint effort of different countries’ authorities. It took the threat actors ...
- Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene
April 13, 2022
A new botnet is targeting routers, Internet of Things (IoT) devices, and an array of server architectures. On April 12, cybersecurity researchers from FortiGuard Labs said the new distributed denial-of-service (DDoS) botnet, dubbed Enemybot, borrows modules from the infamous Mirai botnet’s source code, alongside Gafgyt’s. The Mirai botnet was responsible for a massive DDoS attack against Dyn ...