The U.S. government has announced sanctions against Funnull, a tech firm accused of helping cybercriminals execute massive cryptocurrency scams that have reportedly cost American victims a staggering $200 million.
On Thursday, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) revealed that Funnull has been identified as a critical enabler of online “pig butchering” scams. According to officials, the company is connected to the majority of fraudulent cryptocurrency investment websites flagged by the FBI. The report estimates the average loss per victim at around $150,000, though this figure is likely conservative, as many victims don’t report such crimes.
These scams often involve cybercriminals posing as potential romantic interests, luring victims into believing they are investing in legitimate cryptocurrency ventures—only for the victims to be left empty-handed.
Funnull, which operates from the Philippines, is reportedly led by Chinese national Liu Lizhi, who has also been targeted by the sanctions. Authorities say that Funnull provided the infrastructure to keep these scams running, including generating domain names for scam websites, hosting them on its servers, and offering ready-made web design templates to fraudsters.
The Treasury explained that Funnull’s services made it easier for scammers to mimic trusted brands when creating fraudulent sites. Moreover, the company’s tactics allowed criminals to rapidly switch between domains and IP addresses to avoid being taken down by legitimate providers.
In addition to Funnull’s involvement in these scams, the Treasury highlighted its role in the infamous Polyfill supply chain attack. Funnull allegedly acquired a widely used code repository favored by web developers, then secretly inserted malicious code into it. This code redirected unsuspecting users to scam and gambling websites, some reportedly tied to Chinese criminal enterprises involved in money laundering.
Cybersecurity experts from Silent Push, who previously identified Funnull’s involvement in the Polyfill attack, welcomed the government’s move. Zach Edwards, a researcher at Silent Push, said, “It’s good to see the evidence finally matching our suspicions. This is a significant step in holding accountable the biggest player in pig butchering scams that target U.S. victims.”
However, Edwards also warned that this was likely just the beginning. “This is just one layer of a much larger operation,” he added. “It’s essential to continue exposing and disrupting the networks that enable these financial schemes.”
The FBI also released an alert detailing more information about these ongoing threats.
