The U.S. government imposed sanctions on Funnull, accusing it of providing infrastructure to cybercriminals operating so-called "pig butchering" crypto scams, which caused $200 million in losses to American victims.
On Thursday, the Treasury Department's Office of Foreign Assets Control announced the sanctions, saying Funnull "is related to most virtual currency investment scam sites reported to the FBI." The $200 million in losses resulted in an average loss of $150,000 per victim, but the figures “may underestimate the total loss because many victims of scams did not report crimes.”
Pig butchering involves criminals approaching victims online, often pretending to be interested in a romantic relationship, with the goal of tricking victims into sending them money to invest in crypto projects that do not exist.
According to the Treasury, Funnull is located in the Philippines and run by Chinese national Liu Lizhi, who was also sanctioned on Thursday.
According to the Treasury, Funnull generated domain names for websites on IP addresses it owns and provided a "network design template for cybercriminals."
"These services not only make it easier for cybercriminals to imitate trusted brands when creating scam websites, but also allow them to quickly change to different domain names and IP addresses when legitimate providers try to drop the website," the Treasury said.
The FBI issued an alert that included more information about these activities.
The Treasury mentioned the Polyfill supply chain attack in its press release, saying Funnull "bought a repository of code used by web developers and maliciously changed the code to redirect visitors to legitimate websites to scam websites and online gambling sites, some of which are linked to China's criminal monetization warfare."
These activities were the subject of a report on Funnull published last year by researchers at cybersecurity company Silent Push. The researchers found that Funnull was responsible for the Polyfill supply chain attack, which was intended to push malware to anyone visiting a website that uses Polyfill code. The researchers found that the goal was to redirect users to malicious casinos and online gambling sites.
Silent Push researcher Zach Edwards, who worked on the Funnull report last year, told TechCrunch that he was "happy to see the facts align with our suspicions".
“It is encouraging that the Treasury Department has taken action against the largest homicide and money laundering network targeting the American people, but we know more needs to be done,” Edwards said. “This effort by Funnull is the tip of the iceberg, currently with financial programs targeting Americans, what is actually happening in China right now.”
He added: “Global threat actors targeting financial scams need to be held accountable to Americans and to the companies they work with and the individuals who run them, which is an important first step.”