US Treasury Sanctions Filipino Firm for Supporting Massive Crypto Scam Network

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Funnull Technology Inc, a company accused of offering infrastructure for thousands of cryptocurrency schemes facilitated through pig-butchering operations.

The Treasury says the Philippines-based company is responsible for enabling a massive cybercrime operation, also known as “pig butchering,” a scam in which criminals build personal relationships with their victims to lure them into investing in fake crypto platforms.

A sophisticated, global scam engine

In 2024 alone, US citizens lost billions of dollars to these “pig butchering” scams. Funnull-linked operations accounted for more than $200 million in victim-reported losses.

Many of these scams have been tracked back to criminal groups in Southeast Asia who use trafficking victims to send mass messages to targets, building trust under false identities.

What the victims faced

These scams begin with seemingly innocent messages on social media or dating apps. In time, criminals build the illusion of a relationship or romantic interest.

When the fraudsters believe enough trust has been built, victims are encouraged or guided towards crypto schemes or other scams.

Law enforcement agencies underline that these scams are highly sophisticated psychological operations, not just random internet fraud. “Pig butchering” scams exploit human trust, emotions, and financial aspirations, and typically take a considerable amount of time.

Funnull’s infrastructure: a scam factory

Funnull allegedly played a critical back-end role in these scams as the company was responsible for numerous steps necessary in these operations:

• Purchased IP addresses in bulk from global cloud providers.
• Sold hosting access to cybercriminals for fake websites.
• Used domain generation algorithms (DGAs) to create thousands of scam URLs.
• Provided web templates designed to imitate real financial services platforms.

The Treasury Department alleges in a press release that Funnull even injected malicious code into web development repositories in 2024.

“In 2024, Funnull purchased a repository of code used by web developers and maliciously altered the code to redirect visitors of legitimate websites to scam websites and online gambling sites, some of which are linked to Chinese criminal money laundering operations,” the press release states.

Administrator tied to operational management

The company’s administrator, Liu Lizhi, is allegedly responsible for day-to-day operations. Investigators found that Liu maintained records of employee performance and domain assignment, including those linked to phishing, cryptocurrency fraud, and illegal gambling.

The sanctions block all property and assets belonging to Funnull and Liu within the United States or under US jurisdiction. Additionally, US individuals and companies are barred from conducting any transactions with the sanctioned parties, and any business 50% or more owned by Funnull or Liu is also blocked.