Funnull’s systems were used to assist scammers by providing domain-generation algorithms and fake websites that facilitated pig butchering schemes.
The U.S. Treasury Department has placed sanctions on Funnull Technology Inc., a tech company based in the Philippines, for allegedly enabling hundreds of thousands of online crypto investment scams, commonly referred to as “pig butchering,” which have defrauded U.S. victims of more than $200 million.
The Office of Foreign Assets Control (OFAC) also named Liu Lizhi, a Chinese national and executive at Funnull, for his involvement in managing operations that delivered essential infrastructure for the scams—such as IP address rentals, domain-generation tools, and web hosting services utilized by cybercriminal networks.
Deputy Treasury Secretary Michael Faulkender said:
Today’s action underscores our focus on disrupting the criminal enterprises, like Funnull, that enable these cyber scams and deprive Americans of their hard-earned savings.
Funnull has been associated with a significant portion of cryptocurrency scam websites flagged to the FBI, with American victims reportedly losing over $150,000 on average per case. Authorities believe a large number of these incidents are never reported, implying that the actual impact may be substantially higher.
Advanced Fraud Schemes Uncovered
As detailed in the May 29 release, the company functioned by acquiring IP addresses in bulk from international cloud service providers and then renting them out to fraudsters. These IPs were used to run investment scam websites designed to imitate authentic trading platforms.
Funnull additionally provided resources such as domain generation algorithms (DGAs) and ready-made website templates, helping scammers enhance the appearance of legitimacy and avoid detection or shutdown efforts.
Treasury officials reported that Funnull went as far as injecting harmful code into genuine websites, redirecting visitors to fake investment platforms and online gambling portals. Several of these redirect tactics have been linked to money laundering networks based in China.
Liu Lizhi is accused of keeping thorough records on Funnull’s staff, monitoring their productivity and delegated responsibilities—such as assigning domains used to operate phishing schemes, gambling sites, and cryptocurrency-related fraud platforms.
Pig butchering scams, initially brought to attention by the Treasury’s Financial Crimes Enforcement Network (FinCEN) in 2023, are predominantly run by organized crime groups in Southeast Asia that exploit trafficked individuals for labor.
Fraudsters adopt false identities and craft emotionally charged narratives to gain victims’ trust, gradually convincing them to invest through deceptive cryptocurrency platforms. When the victim stops sending additional funds, communication is abruptly severed, and the scammers vanish with the stolen assets.
These scams have grown increasingly advanced, frequently utilizing tailor-made websites that mimic real platforms and showcase fabricated investment gains. Funnull’s technology—such as domain-spamming tools and swift infrastructure rotation—allowed fraudsters to expand their operations and continue across multiple regions, even in the face of regulatory crackdowns.
Taking Down the Infrastructure Powering Crypto Scams
The designation issued on May 29 falls under Executive Order 13694, as revised by E.O. 14144, which addresses cyber-enabled actions by foreign entities that pose risks to U.S. national security and financial stability.
All assets and property interests of the company located within U.S. jurisdiction have been frozen, and U.S. individuals are prohibited from conducting any transactions involving the firm.
The action was carried out in coordination with the FBI, which released a cybersecurity advisory detailing Funnull’s technological setup and encouraged the public to report potential scam incidents through its Internet Crime Complaint Center (IC3).
Officials from the Treasury stressed that the purpose of these sanctions is to hold wrongdoers accountable while reinforcing the United States’ dedication to upholding a trustworthy and secure digital asset environment.
Entities that breach these sanctions may be subject to civil or criminal consequences. OFAC reiterated that financial institutions and related parties engaging in transactions with sanctioned individuals or organizations risk enforcement measures under strict liability guidelines.
Although the sanctions represent a major enforcement action, OFAC emphasized that the objective goes beyond punishment. The intention is to encourage corrective behavior, providing an opportunity for removal from the Specially Designated Nationals (SDN) list if the sanctioned party can prove compliance.
This measure reflects an ongoing intensification of the U.S. government’s efforts to combat cyber-enabled financial fraud and highlights its determination to hold those facilitating digital crimes responsible.
