Filipino Company Comes Under Fire In The US For Aiding Pig Butchering Scams
- The U.S. Treasury (OFAC) has just sanctioned Filipino firm Funnull Technology Inc. and its administrator, Liu Lizhi, for aiding in “pig butchering” crypto scams.
- Funnull aided scams that cost U.S. victims over $200 million by tampering with open-source code for fake investment platforms, among other things.
The US Treasury Department has just made a major move to dismantle the major players behind large-scale crypto fraud.
Funnull Technology Inc., a Philippine-based tech company, has just been sanctioned along with its administrator Liu Lizhi by the Office of Foreign Assets Control (OFAC). The OFAC revealed that Funnull was a major accomplice in worldwide “pig-butchering” scams that have cost American victims over $200 million.
What Is Pig-Butchering, and How Did Funnull Fuel it?
Pig-butchering scams are a form of long-con investment fraud. Think of them as schemes where scammers lure victims through dating apps or social media. They build emotional trust over time, then persuade targets to invest in fake crypto platforms.
These platforms tend to appear legitimate, but are completely controlled by scammers. Once victims make deposits or connect their wallets, they end up getting drained and left holding the bag.
According to the US Treasury Department, Funnull Technology is accused of providing the tools that allowed these scams to thrive.
OFAC claims that the company purchased Internet Protocol (IP) addresses in bulk from major cloud providers and resold them to cybercriminals.
These IP addresses were used to host thousands of phishing websites and fake crypto trading platforms that mimicked real investment services.
The Tech Behind the Fraud
What makes Funnull’s role especially disturbing is how it manipulated web development tools.
In one instance, according to OFAC, the company purchased a repository of open-source code, commonly used by legitimate developers, and altered it. This tampered code would then become unknowingly deployed by developers and secretly redirect users from authentic websites to scam pages.
The Treasury Department stated that these services allowed scammers to quickly carry out their operations by switching domains and IP addresses.
This agility made it difficult for regulators and service providers to shut them down before victims were duped.
“These services not only make it easier for cybercriminals to impersonate trusted brands when creating scam websites but also allow them to quickly change to different domain names and IP addresses when legitimate providers attempt to take the websites down.”
Liu Lizhi, The Man Behind the Operation
OFAC pointed towards Liu Lizhi, a Chinese national and administrator of Funnull, as the mastermind of this operation. According to the investigator, Lizhi managed the company’s internal operations and maintained detailed records of employees’ assignments. These included the setup and management of domain names linked to the scams.
Both Liu and Funnull have now been added to OFAC’s Specially Designated Nationals and Blocked Persons (SDN) list.
As a result, any U.S.-based assets they own are frozen, and it is now illegal for any American individual or business to engage in transactions with them. Violations of these sanctions can result in severe civil or criminal penalties.
Blockchain Traces and Wallet Sanctions
The Treasury also identified and sanctioned two crypto wallet addresses associated with Funnull. According to Chainalysis, these wallets were likely used to receive payments from cybercriminal clients.
The firm’s analysis revealed that the addresses were indirectly exposed to various scams and were tied to a massive web of fake trading apps and scam domains.
Chainalysis also pointed out Funnull’s role in a scam network known as the Triad Nexus. This network included over 200,000 unique hostnames used to host crypto investment scams, many of which had been reported to the FBI.
Sanctions in Context: A Pattern of Cybercrime Crackdowns
This latest development is part of a more general crackdown from the U.S. Treasury to aggressively attack cybercriminals and the tools they use.
Earlier in the year, OFAC sanctioned the Russia-based group Evil Corp for ransomware attacks and financial theft. The department also sanctioned Behrouz Parsarad in March for running a dark web marketplace that ran narcotics sales and other illegal transactions.
Earlier in April, OFAC also moved against Tron-based crypto wallets linked to Iran-backed Houthi rebels.
So far, OFAC estimates that over $200 million has been stolen from U.S. victims through scams linked to Funnull-supported websites. However, officials believe the real figure could be much higher due to under-reporting as many victims are either unaware they’ve been scammed or are too embarrassed to come forward.
