The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Inside Malware Markets: Current Trends and Competitive Forces
July 30, 2019
Regardless of location, legitimacy, or legality, markets of all kinds act in accordance with a prevailing set of forces. Made famous by business management guru Michael Porter, his eponymous Five Forces generally dictate how markets will operate — that includes markets for malware. Porter’s Five Forces Rivalry Among Existing Competitors Bargaining Power of Suppliers Bargaining Power of Buyers Threat of ...
- Cyberattack warning to small plane owners: How your aircraft could be vulnerable
July 30, 2019
The alert from the DHS critical infrastructure computer emergency response team. warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical access to their aircraft the best they can. It warns that access should remain limited until ...
- Rare Steganography Hack Can Compromise Fully Patched Websites
July 26, 2019
An unusual steganographic technique that an attacker can use to implant a malicious webshell on unsuspecting websites has been spotted in Latin America. According to research from Trustwave shared exclusively with Threatpost, a forensic investigation showed that an adversary is implanting PHP code into JPEG files’ EXIF headers in order to upload malware onto targeted ...
- Unique Monokle Android Spyware Self-Signs Certificates
July 24, 2019
A never-before-publicized mobile spy tool, a mobile surveillanceware remote access trojan (RAT) for Android called Monokle, has been spotted using novel techniques to exfiltrate data. According to the Lookout researchers who discovered Monokle in the wild, the malware has the ability to self-sign trusted certificates to intercept encrypted SSL traffic. It can also record a phone’s ...
- Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’
July 23, 2019
Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly deliveredcryptocurrency-mining malware, as in the case of one attack we saw last year. The latest attack we spotted deviates from the ...
- Cybercrime gang adds new tactics to credit card data-stealing campaign
July 23, 2019
A hacking operation has deployed new malware in the latest evolution of its campaign to make money by stealing credit card data. The FIN8 cybercrime group was first identified in January 2016, and typically targets point-of-sale (POS) systems with malware attacks designed to steal credit card information, which is then sold on for profit on dark ...