Silent Push CEO talks cybercrime takedowns with The Register


Interview

It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital thieves their login credentials and account information, thus allowing them to drain their accounts.

“Once we poked at it, we realized, it’s certainly not just them,” Silent Push CEO Ken Bagnall told The Register. “We discovered many, many more branches of crime and money laundering, and that initial thing turned into 1.4 million live hosting sites at any one time. It’s a huge crime organization.”

Silent Push, a cybersecurity takedown firm that works with international law enforcement agencies to take down cybercrime groups, first started tracking this crime organization in 2021. 

It would eventually turn out to be Funnull, a Philippines-based company that provides computer infrastructure for hundreds of financial scams.

In May, the US Treasury sanctioned Funnull and its administrator, Liu Lizhi, a Chinese national. At the same time, the FBI issued an alert listing hundreds of thousands of domains linked to Funnull’s infrastructure. Since January, the bureau said, it has identified 548 unique Funnull Canonical Names (CNAME) linked to over 332,000 unique domains.

“Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI,” the Treasury Department said at the time, adding that Funnull’s content-delivery-network-hosted websites cost US victims alone more than $200 million in losses, with an average loss of $150,000 per individual.

“The reason we do these things is to try and have an impact, and it’s fantastic when something does have an impact,” Bagnall said. “But takedowns are actually not in our interest as a threat intelligence company, because, as horrific as it is to think about, they are an asset.”


Bagnall’s company maps criminal groups as they build out their infrastructure, which allows Silent Push to then monitor all the technical connections between the IP addresses and various domains. The threat analysts collect massive amounts of data on the organizations, which law enforcement can then use to build criminal cases and disrupt their operations.

Currently, Bagnall’s firm is collaborating with the World Economic Forum on its Cyber Crime Atlas project, providing members free access to its platform, data, and analysts in a bid to map out relationships between criminal groups and ultimately use this knowledge to break up the entire ecosystem.

But once the cops have disrupted a crime ring and seized or shut down its servers — or even if the gang simply realizes that Silent Push analysts are watching — the threat hunters no longer have a way in. 

“The crime groups become very aware of us, which leads to other types of issues,” Bagnall said. “They’re watching what we’re doing in terms of exposing infrastructure, and then they’re constantly adjusting for us, rather than whatever they used to adjust for, so that leads to the ongoing cat-and-mouse game.”

One of the reasons it is so difficult to take action against companies like Funnull and other scam operators based in China, North Korea, and Russia is that they operate with those governments’ tacit approval, if not outright support, Bagnall says.

“I would equate it to the period of history where you had people like Francis Drake who were privateers, where you have a subtle nod from your home government that it’s OK to do certain crimes if they don’t affect your home country, and you’re bringing money home,” Bagnall said. “We have a very similar situation generally with cybercrime globally.”

This privateering of cybercrime bilks world economies out of billions of dollars. 

“It’s like an unseen hole in the bucket of your GDP, and it has to be dealt with on a national level, because it is a national issue,” Bagnall said. “It’s not a series of one-off victims, it’s a large-scale siphoning of cash out of your economy. The more countries that realize that and take it on, the better chance we have of actually clamping down on it, because the scale of the crime infrastructure is just ridiculously large.” ®


