The U.S. government has imposed sanctions on Funnull. This company allegedly provided infrastructure for cybercriminals. These criminals ran “pig butchering” crypto scams. The scams led to $200 million in losses. These losses were suffered by American victims. The Treasury’s OFAC announced these sanctions on Thursday. Funnull is reportedly linked to most virtual currency scam sites. These scam websites were reported to the FBI. The average loss per victim is estimated at $150,000. However, actual losses are likely much higher. Many victims do not report these crimes. Funnull is based in the Philippines. Chinese national Liu Lizhi runs the company. He was also sanctioned by U.S. authorities.
Funnull generated numerous domain names for scam websites. It used IP addresses that it directly owned. The company also provided web design templates to criminals. These services significantly aided many cybercriminals. It made impersonating trusted brands much easier for them. Criminals could quickly change their domain names. They also changed IP addresses to evade website takedowns. Funnull engaged in a practice called “infrastructure laundering.” It rented IP addresses from major cloud services. These included providers like AWS and Microsoft Azure. These IP addresses were then sold to criminal actors. They hosted scam platforms and other malicious content.
Funnull, also known as Fang Neng CDN, gained attention.
This occurred in June 2024 for its activities. It was implicated in the Polyfill.io supply chain attack. The U.S. Treasury accused Funnull of buying Polyfill.io. Their clear intent was to redirect website visitors. Visitors of legitimate sites were sent to scam sites. They were also redirected to online gambling operations. Some of these gambling sites linked to Chinese money laundering. A 2024 analysis by Silent Push revealed more details. Funnull’s infrastructure, codenamed Triad Nexus, supported investment scams. It also hosted fake trading applications and gambling networks.
This shows a pattern of illicit support.
Funnull’s administrator is Chinese national Liu Lizhi. He was also individually sanctioned by the United States. Liu Lizhi possessed spreadsheets and various other documents. These documents detailed information about the company’s employees. They showed their individual performance and their work progress. Assigned tasks for employees included assigning domain names. These domains were specifically for known criminal actors. They were then used for virtual currency investment fraud. Phishing scams were also actively supported by this infrastructure. Online gambling sites were part of their illicit operations too. These new sanctions aim to disrupt Funnull’s extensive criminal support.
Reference:
