The U.S. Treasury Department has imposed economic sanctions on Funnull Technology Inc., a cloud infrastructure provider based in the Philippines, for its role in enabling ‘pig butchering’ scams. These scams, which involve luring victims with fraudulent cryptocurrency investment platforms, have reportedly caused over $200 million in losses to U.S. citizens. Funnull, which provides infrastructure for hundreds of thousands of websites, was identified as a key facilitator of these cybercrimes, with its operations linked to the majority of virtual currency investment scams reported to the FBI. The sanctions were imposed on Funnull and its 40-year-old Chinese administrator, Liu Liz, as part of a broader effort to disrupt the infrastructure supporting these fraudulent activities.
Pig butchering is a form of cyber fraud where individuals are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional ‘taxes’ on their crypto ‘earnings’ before they can see their invested funds again, a practice that has led to numerous high-profile losses. The Treasury’s statement emphasized that the financial losses from these scams have reached record levels in 2024, with Americans losing billions of dollars annually to cybercrime.
According to KrebsOnSecurity, the sanctions on Funnull are based on an investigation by the security firm Silent Push, which discovered a vast number of domains hosted via Funnull were promoting gambling sites linked to the Suncity Group, a Chinese entity named in a 2024 UN report for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found that Funnull served as a criminal content delivery network (CDN) that funneled traffic through a complex chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious websites. The FBI has released a technical writeup of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.
The Treasury Department’s statement highlights the growing threat posed by these cybercriminal operations and the need for stricter measures to combat financial fraud. The sanctions on Funnull and its administrator, Liu Liz, are part of broader efforts to disrupt the global network of cybercrime and protect American citizens from financial losses. The department has also urged increased collaboration between international agencies to track and dismantle such fraudulent schemes. The case of Funnull underscores the ongoing challenges in combating cybercrime and the need for continued vigilance in the digital economy.