The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- New ModPipe malware targets hospitality, hotel point of sale systems
November 12, 2020
A new Point-of-Sale (PoS) malware is targeting devices used by “hundreds of thousands” of organizations in the hospitality sector, researchers have warned. Dubbed ModPipe, the malware is a backdoor able to harvest sensitive information in PoS devices running Oracle Micros Restaurant Enterprise Series (RES) 3700, management software that is particularly popular in the United States. RES 3700 ...
- Targeted ransomware: it’s not just about encrypting your data!
November 11, 2020
When we talk about ransomware, we need to draw a line between what it used to be and what it currently is. Why? Because nowadays ransomware is not just about encrypting data – it’s primarily about data exfiltration. After that, it’s about data encryption and leaving convincing proof that the attacker was in the network, ...
- Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic
November 11, 2020
The Ragnar Locker ransomware group has decided to ratchet up the pressure on its latest high-profile victim, Italian liquor conglomerate Campari, by taking out Facebook ads threatening to release the 2TB of sensitive data it stole in a Nov. 3 attack – unless a $15 million ransom is paid in Bitcoin. Campari Group, which is behind ...
- High-Severity Cisco DoS Flaw Can Immobilize ASR Routers
November 11, 2020
A high-severity flaw in Cisco’s IOS XR software could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers (ASR). The flaw stems from Cisco IOS XR, a train of Cisco Systems’ widely deployed Internetworking Operating System (IOS). The OS powers the Cisco ASR 9000 series, which are fully distributed routers engineered to address massive surges ...
- Recent ransomware wave targeting Israel linked to Iranian threat actors
November 11, 2020
Two recent ransomware waves that targeted Israeli companies have been traced back to Iranian threat actors, multiple sources have told ZDNet today. The ransomware attacks have been taking place since mid-October, have ramped up this month, and have repeatedly focused on Israeli targets. Israeli companies of all sizes have been targeted by threat actors using the Pay2Key ...
- CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server
November 10, 2020
Microsoft released a patch today for a critical vulnerability (CVE-2020-17051) in the Windows NFSv3 (Network File System) server. NFS is typically used in heterogenous environments of Windows and Unix/Linux for file sharing. The vulnerability can be reproduced to cause an immediate BSOD (Blue Screen of Death) within the nfssvr.sys driver. Interestingly, the November patches from ...