The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- NSO Group Impersonates Facebook Security Team to Spread Spyware — Report
May 22, 2020
According to an investigative journalist team, the Israeli authors of the infamous Pegasus mobile spyware, NSO Group, have been using a spoofed Facebook login page, crafted to look like an internal Facebook security team portal, to lure victims in. The news comes as Facebook alleges that NSO Group has been using U.S.-based infrastructure to launch espionage ...
- Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks
May 22, 2020
Researchers have uncovered new cybercrime campaigns from the known Chafer advanced persistent threat (APT) group. The attacks have hit several air transportation and government victims in hopes of data exfiltration. The Chafer APT has been active since 2014 and has previously launched cyber espionage campaigns targeting critical infrastructure in the Middle East. This most recent wave of cyberattacks ...
- Windows malware opens RDP ports on PCs for future remote access
May 22, 2020
Security researchers say they’ve spotted a new version of the Sarwent malware that opens RDP (Remote Desktop Protocol) ports on infected computers so hackers could gain hands-on access to infected hosts. Researchers from SentinelOne, who spotted this new version, believe the Sarwent operators are most likely preparing to sell access to these systems on the cybercrime ...
- Factory Security Problems from an IT Perspective (Part 1): Gap between the objectives of IT and OT
May 21, 2020
In the cybersecurity industry, key words such as “smart factories,” the “Industrial Internet of Things (IIoT),” and “Industry 4.0” have come to the fore. The business environment that the manufacturing industry operates in is undergoing drastic changes and entering a transition period. Nowadays, it may be difficult to find companies that do not include Digital ...
- Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers
May 21, 2020
Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two malware files that pose as Zoom installers but when decoded, contains the malware code. These malicious fake ...
- Silent Night Banking Trojan Charges Top Dollar on the Underground
May 21, 2020
A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service (MaaS) model. Custom builds can run as much as $4,000 per month to use, which researchers say is now placing the code out of the range ...