The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- New Android malware targeting banks in Italy, Spain, Germany, Belgium, and the Netherlands
May 11, 2021
A new Android trojan has been identified by security researchers, who said on Monday that once it is successfully installed in the victim’s device, those behind it can obtain a live stream of the device screen and also interact with it via its Accessibility Services. The malware, dubbed “Teabot” by security researchers with Cleafy, has been ...
- DDoS attacks in Q1 2021
May 10, 2021
Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. Another active bot focused on Android devices with the ADB ...
- Tips to avoid the new wave of ransomware attacks
May 10, 2021
There have been a lot of changes in ransomware over time. We want to help you protect your organization from this growing attack trend. The Colonial Pipeline ransomware attack is just part of a new onslaught of ransomware attacks that malicious actors are ramping up against high value victims. Why are we seeing this? These malicious actors ...
- US and Australia warn of escalating Avaddon ransomware attacks
May 10, 2021
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide. The FBI said in a TLP:GREEN flash alert last week that Avaddon ransomware affiliates are trying to breach the networks of manufacturing, ...
- DarkSide ransomware will now vet targets after pipeline cyberattack
May 10, 2021
The DarkSide ransomware gang posted a new “press release” today stating that they are apolitical and will vet all targets before they are attacked. Last week, the ransomware gang encrypted the network for the Colonial Pipeline, the largest fuel pipeline in the United States. Read more… Source: Bleeping Computer Related story: Colonial Pipeline cyberattack shuts down pipeline that supplies ...
- Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks
May 10, 2021
Researchers have explored the latest activities of the Lemon Duck hacking group, including the leverage of Microsoft Exchange Server vulnerabilities and the use of decoy top-level domains. The active exploit of zero-day Microsoft Exchange Server vulnerabilities in the wild was a security disaster for thousands of organizations. Four critical flaws, dubbed ProxyLogon, impact on-prem Microsoft Exchange Server ...