The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- AgeLocker ransomware targets QNAP NAS devices, steals data
September 23, 2020
QNAP NAS devices are being targeted in attacks by the AgeLocker ransomware, which encrypts the device’s data, and in some cases, steal files from the victim. AgeLocker is ransomware that utilizes an encryption algorithm called Age (Actually Good Encryption) designed to replace GPG for encrypting files, backups, and streams. Read more… Source: Bleeping Computer
- Mispadu Banking Trojan Resurfaces
September 22, 2020
Recent spam campaigns leading to URSA/Mispadu banking trojan (detected by Trend Micro as TrojanSpy.Win32.MISPADU.THIADBO) have been uncovered, as reported by malware analyst Pedro Tavares in a Twitter post and by Seguranca Informatica in a blog post. Mispadu malware steals credentials from users’ systems. This attack targets systems with Spanish and Portuguese as system languages. It is ...
- Healthcare lags behind in critical vulnerability management, banks hold their ground
September 22, 2020
Vulnerability management is a key component of modern strategies to combat cyberattackers, but which industries perform well in this area? The general public faces phishing attempts, spam, malvertising, and more in their daily lives. However, in the business realm, successfully targeting major companies — including banks, industrial giants, and medical facilities — can be far more ...
- CISA warns of notable increase in LokiBot malware
September 22, 2020
The US government’s cyber-security agency has issued a security advisory today warning federal agencies and the private sector about “a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020.” The Cybersecurity and Infrastructure Security Agency (CISA) said that its in-house security platform (the EINSTEIN Intrusion Detection System) has detected persistent ...
- Russian hackers use fake NATO training docs to breach govt networks
September 22, 2020
A Russian hacker group known by names, APT28, Fancy Bear, Sofacy, Sednit, and STRONTIUM, is behind a targeted attack campaign aimed at government bodies. The group delivered a hard-to-detect strand of Zebrocy Delphi malware under the pretense of providing NATO training materials. Researchers further inspected the files containing the payload and discovered these impersonated JPG files showing ...
- Fileless Malware Tops Critical Endpoint Threats for 1H 2020
September 21, 2020
In the first half of 2020, the most common critical-severity cybersecurity threat to endpoints was fileless malware, according to a recent analysis of telemetry data from Cisco. Fileless threats consist of malicious code that runs in memory after initial infection, instead of files being stored on the hard drive. Cisco flagged threats like Kovter, Poweliks, Divergent ...