The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- RedCurl cybercrime group has hacked companies for three years
August 13, 2020
Security researchers have uncovered a new Russian-speaking hacking group that they claim has been focusing on the past three years on corporate espionage, targeting companies across the world to steal documents that contain commercial secrets and employee personal data. Named RedCurl, the activities of this new group have been detailed in a 57-page report released today ...
- Internet Explorer and Windows zero-day exploits used in Operation PowerFall
August 12, 2020
In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for Windows. Unlike ...
- ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations
August 12, 2020
A team of academics has detailed this week a vulnerability in the Voice over LTE (VoLTE) protocol that can be used to break the encryption on 4G voice calls. Named ReVoLTE, researchers say this attack is possible because mobile operators often use the same encryption key to secure multiple 4G voice calls that take place via ...
- NHS hit with wave of scam emails at height of COVID-19 pandemic
August 12, 2020
NHS staff were hit with a wave of malicious email attacks at the height of the COVID-19 pandemic, with doctors, nurses and other key workers reporting over 40,000 spam and phishing attacks between March and the first half of July. Data from NHS Digital obtained through a Freedom of Information request sent by UK think tank, ...
- Script-Based Malware: A New Attacker Trend on Internet Explorer
August 11, 2020
Over the past few months, we have detected sophisticated script-based malware through Internet Explorer (IE) browser exploits that infect Windows Operating System (OS) users. We decided to investigate those scripts to identify their key features to demonstrate that they are attractive for attackers and so could lead to a trend worth paying attention to. Indeed, with ...
- August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
August 11, 2020
The August batch of Patch Tuesday updates includes 120 updates for the Microsoft suite, with 17 fixes rated as Critical, and the remaining 103 ranked as Important. CVE-2020-1380 is a critical Internet Explorer (IE) vulnerability that can be abused for remote code execution (RCE), while CVE-2020-1464 is a Windows 10 security gap that can be ...