US Sanctions Tech Company for Cyber Scams

Sanctions Imposed on Funnull for Facilitating Crypto Scams

The U.S. government has levied sanctions against Funnull, a company implicated in supplying infrastructure to cybercriminals engaged in “pig butchering” cryptocurrency scams. These scams have resulted in approximately $200 million in financial losses for victims across the United States.

Treasury Department's Actions

The Treasury’s Office of Foreign Assets Control (OFAC) announced the sanctions on Thursday. The agency asserts that Funnull is demonstrably connected to a significant proportion of the virtual currency investment scam websites reported to the Federal Bureau of Investigation (FBI).

According to the official press release, the reported losses currently total $200 million, averaging $150,000 per individual victim. However, authorities believe the actual financial impact is likely higher, as many instances of fraud go unreported.

Understanding Pig Butchering Scams

Pig butchering scams are characterized by criminals initiating contact with potential victims online. They frequently feign romantic interest as a means of manipulating victims into transferring funds for investment in fictitious cryptocurrency projects.

Funnull's Operations and Leadership

The Treasury Department indicates that Funnull is based in the Philippines and is operated by Liu Lizhi, a Chinese national. Mr. Lizhi was also subject to sanctions alongside the company on Thursday.

Funnull reportedly generates domain names for scam websites utilizing IP addresses under its control. Furthermore, the company provides web design templates specifically tailored for use by cybercriminals.

These services streamline the process for criminals to convincingly impersonate legitimate brands when constructing fraudulent websites. They also enable rapid changes to domain names and IP addresses, circumventing efforts by legitimate providers to take down these malicious sites.

FBI Alert and Polyfill Supply Chain Attack

The FBI has issued an alert containing additional details regarding these illicit activities.

The Treasury’s press release also referenced the Polyfill supply chain attack. Funnull allegedly acquired a code repository used by web developers and intentionally modified the code. This alteration redirected visitors from legitimate websites to scam websites and online gambling platforms, some of which are linked to Chinese criminal money laundering networks.

Cybersecurity Research Confirms Allegations

These activities align with findings from cybersecurity firm Silent Push, which accused FUNNULL of orchestrating the Polyfill supply chain attack last year. Their research revealed that Funnull launched the attack to distribute malware to users visiting websites utilizing Polyfill’s code.

The ultimate objective was to redirect users to a network of malicious casino and online gambling sites, as discovered by the researchers.

Expert Reaction

Zach Edwards, a researcher at Silent Push involved in the Funnull report, expressed his satisfaction that the factual evidence supports their earlier suspicions.

“It’s encouraging that the Treasury has taken actions against the largest pig butchering and money laundering network targeting people in the U.S., but more action is needed,” Edwards stated. “This effort from Funnull represents only a small portion of the financial schemes originating from China that are currently targeting Americans.”

Call for Accountability

Edwards emphasized the importance of holding global threat actors accountable for financial scams targeting Americans. He added that identifying and publicly disclosing the companies and individuals involved is a crucial initial step in combating these crimes.