The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Roaming Mantis reaches Europe
February 7, 2022
Roaming Mantis is a malicious campaign that targets Android devices and spreads mobile malware via smishing. Kaspersky researchers have been tracking Roaming Mantis since 2018, and they observed some new activities by Roaming Mantis in 2021, and some changes in the Android Trojan Wroba.g (or Wroba.o, a.k.a Moqhao, XLoader) that’s mainly used in this campaign. ...
- Medusa Malware Joins Flubot’s Android Distribution Network
February 7, 2022
Flubot, the Android spyware that’s been spreading virally since last year, has hitched its infrastructure wagon up to another mobile threat known as Medusa. That’s according to ThreatFabric, which found that Medusa is now being distributed through the same SMS-phishing infrastructure as Flubot, resulting in high-volume, side-by-side campaigns. The Flubot malware (aka Cabassous) is delivered to targets ...
- Ransomware groups are shifting towards smaller targets, but ones where they can still guarantee a significant payday
February 7, 2022
The cost and risk of executing ransomware attacks is going up, making it harder for cyber criminals to carry them out, which could lead to a decline in the number of overall ransomware attacks. But that could mean some ransomware victims end up paying a heavier price. Ransomware is still running rampant, with several major incidents ...
- Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs
February 5, 2022
Morley Companies, an organization that provides business services to dozens of Fortune 500 companies, said this week it was hit with a ransomware attack last year that led to the leak of sensitive information for more than 500,000 people. In a press release, the company said the ransomware attack began on August 1 and made their ...
- China suspected in hack of journalists at News Corp
February 4, 2022
Digital intruders broke into News Corp email accounts and compromised the data of an unspecified number of journalists, the company disclosed Friday. The media firm’s internet security adviser said the hack was likely aimed at gathering intelligence for Beijing’s benefit. News Corp, which publishes the Wall Street Journal, said the breach was discovered in late January and ...
- Indicators of Compromise Associated with LockBit 2.0 Ransomware
February 4, 2022
LockBit 2.0 operates as an affiliate-based Ransomware-as-a-Service (RaaS) and employs a wide variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation. LockBit 2.0 ransomware compromises victim networks through a variety of techniques, including, but not limited to, purchased access, unpatched vulnerabilities, insider access, and zero day exploits. After compromising a victim ...