The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Android: New StrandHogg vulnerability is being exploited in the wild
December 2, 2019
Security researchers from Promon, a Norwegian firm specialized in in-app security protections, said they identified a bug in the Android operating system that lets malicious apps hijack legitimate app, and perform malicious operations on their behalf. In a comprehensive report published today, the research team said the vulnerability can be used to trick users into granting intrusive permissions ...
- Imminent Monitor – a RAT Down Under
December 2, 2019
The availability of “commodity malware” – malware offered for sale – empowers a large population of criminals, who make up for their lack of technical sophistication with an abundance of malicious intent. Rather than looking just at the malware samples and functionality themselves, we’ve taken an interest in the commodity malware ecosystem; especially into the malware ...
- Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
December 2, 2019
Trend Micro found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which exhibit many cyberespionage behaviors, are initially used for a targeted attack campaign. We first came across the threat in May on the site http://goooglepress/, which was advertising a chat app called “Chatrious.” Users can ...
- Meet PyXie: A Nefarious New Python RAT
December 2, 2019
BlackBerry Cylance researchers have recently discovered a previously unnamed Python RAT we’re calling PyXie. PyXie has been observed in the wild since at least 2018 without much attention from the cybersecurity industry. PyXie has been deployed in an ongoing campaign that targets a wide range of industries. It has been seen in conjunction with Cobalt Strike ...
- IT threat evolution Q3 2019
November 29, 2019
Targeted attacks and malware campaigns, Mobile espionage targeting the Middle East At the end of June Kaspersky reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this activity in May ...
- Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK
November 29, 2019
While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we also found TICK developing new malware families capable of detection ...