The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- FBI attributes JBS ransomware attack to REvil
June 3, 2021
The United States FBI issued a short statement on Wednesday pinning the recent JBS ransomware incident on REvil. “As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities. We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to ...
- CVE-2021-31181: Microsoft Sharepoint Webpart Interpretation Conflict Remote Code Execution Vulnerability
June 2, 2021
In May of 2021, Microsoft released a patch to correct CVE-2021-31181 – a remote code execution bug in the supported versions of Microsoft SharePoint Server. This bug was reported to the ZDI program by an anonymous researcher and is also known as ZDI-21-573. This blog takes a deeper look at the root cause of this ...
- Banking Attacks Surge Along with Post-COVID Economy
June 2, 2021
For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity. As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank fraud attacks. In just the past quarter, the number ...
- Russian underground forums launch competitions for cryptocurrency, NFT hacks
June 2, 2021
Cybercriminals in underground forums have been soliciting techniques for compromising cryptocurrency services. Capture the Flag competitions, conference calls for papers, and gamification in cybersecurity courses designed to equip learners with hands-on skills are all common in the white hat realm, but in opposition, contests are also being launched by cybercriminals to create new offensive techniques. Read more… Source: ...
- This is how attackers bypass Microsoft’s AMSI anti-malware scanning protection
June 2, 2021
In an investigation into techniques used to either avoid or disable AMSI, Sophos researchers said on Wednesday that threat actors will try everything from living-off-the-land tactics to fileless attacks. Perhaps the opportunities AMSI bypass represents were highlighted in a tweet by security expert Matt Graeber in 2016, in which Sophos says a single line of code ...
- Australian Cyber Security Centre using classified capabilities to warn local entities of impending ransomware hit
June 2, 2021
While the Australian Cyber Security Centre (ACSC) is engaged in helping a local organisation remove and recover from a ransomware hit or cyber attack, its overseer, the Australian Signals Directorate (ASD) is able to use its more secretive powers to find out if any other organisations are on the attackers hit list. Speaking about the attack ...