The U.S. Treasury Department has placed sanctions on Funnull Technology Inc., a tech company based in the Philippines, for allegedly enabling hundreds of thousands of online crypto investment scams, commonly referred to as “pig butchering,” which have defrauded U.S. victims of more than $200 million.
The Office of Foreign Assets Control (OFAC) also named Liu Lizhi, a Chinese national and executive at Funnull, for his involvement in managing operations that delivered essential infrastructure for the scams—such as IP address rentals, domain-generation tools, and web hosting services utilized by cybercriminal networks.
Deputy Treasury Secretary Michael Faulkender said:
Today’s action underscores our focus on disrupting the criminal enterprises, like Funnull, that enable these cyber scams and deprive Americans of their hard-earned savings.
Funnull operates a large network of virtual currency scam websites, many of which victims in the U.S. have reported to the FBI. On average, Americans lose over $150,000 in each case. Authorities emphasize that many people never report these crimes, suggesting the actual damage is likely much greater.
Advanced Fraud Schemes Uncovered
As detailed in the May 29 release, the company functioned by acquiring IP addresses in bulk from international cloud service providers and then renting them out to fraudsters. These IPs were used to run investment scam websites designed to imitate authentic trading platforms.
Funnull additionally provided resources such as domain generation algorithms (DGAs) and ready-made website templates, helping scammers enhance the appearance of legitimacy and avoid detection or shutdown efforts.
Treasury officials reported that Funnull went as far as injecting harmful code into genuine websites, redirecting visitors to fake investment platforms and online gambling portals. Several of these redirect tactics have been linked to money laundering networks based in China.
Liu Lizhi kept thorough records on Funnull’s staff, monitored their productivity, and assigned responsibilities—such as choosing domains for phishing schemes, gambling sites, and cryptocurrency-related fraud platforms.
Organized crime groups in Southeast Asia now run most pig butchering scams, exploiting trafficked individuals for labor. The Treasury’s Financial Crimes Enforcement Network (FinCEN) first highlighted these scams in 2023.
Fraudsters adopt false identities and craft emotionally charged narratives to gain victims’ trust, gradually convincing them to invest through deceptive cryptocurrency platforms. Once the victim ceases sending more funds, communication is suddenly cut off, and the scammers disappear along with the misappropriated assets.
These scams have grown increasingly advanced, frequently utilizing tailor-made websites that mimic real platforms and showcase fabricated investment gains. Funnull’s technology—such as domain-spamming tools and swift infrastructure rotation—allowed fraudsters to expand their operations and continue across multiple regions, even in the face of regulatory crackdowns.
Taking Down the Infrastructure Powering Crypto Scams
The designation issued on May 29 falls under Executive Order 13694, as revised by E.O. 14144, which addresses cyber-enabled actions by foreign entities that pose risks to U.S. national security and financial stability.
The U.S. government has frozen all assets and property interests of the firm that fall under its jurisdiction. It also prohibits U.S. citizens from conducting any transactions with the company.
The FBI coordinated the initiative and released a cybersecurity advisory that described Funnull’s technical framework. It also urged the public to report suspected scam activity through its Internet Crime Complaint Center (IC3).
Officials from the Treasury stressed that the purpose of these sanctions is to hold wrongdoers accountable while reinforcing the United States’ dedication to upholding a trustworthy and secure digital asset environment.
Entities that breach these sanctions may be subject to civil or criminal consequences. OFAC reiterated that financial institutions and related parties engaging in transactions with sanctioned individuals or organizations risk enforcement measures under strict liability guidelines.
Although the sanctions represent a major enforcement action, OFAC emphasized that the objective goes beyond punishment. The intention is to encourage corrective behavior, providing an opportunity for removal from the Specially Designated Nationals (SDN) list if the sanctioned party can prove compliance.
This measure reflects an ongoing intensification of the U.S. government’s efforts to combat cyber-enabled financial fraud and highlights its determination to hold those facilitating digital crimes responsible.
