U.S. imposes restrictions on cloud service provider tied to unlawful pig butchering operations schemes
In a significant move, the Philippines-based cloud infrastructure provider, Funnull Technology Inc., has been sanctioned by the U.S. Department of the Treasury and the FBI for its role in facilitating illicit virtual currency investment scams, particularly "pig butchering" scams.
Who is Funnull and its Operator?
Funnull operates as a content delivery network (CDN) that supports hundreds of thousands of websites linked to virtual currency scams, primarily targeting American victims. The alleged operator of Funnull is Liu “Steve” Lizhi, a Chinese national in his early 40s, who is the lead developer and owner of the CDN. Liu, an expert web developer with a history in open-source projects and developer communities since at least 2010, is believed by cybersecurity analysts not to be the mastermind behind the individual investment schemes. Instead, Funnull acts as an “infrastructure laundering” hub, enabling multiple unnamed criminals, dubbed the “Triad Nexus,” to host their scam websites and launder illicit profits.
Role in Illicit Activities
Funnull's infrastructure has been linked to scams that have caused over $200 million in financial losses to American victims. The company's network hosts sites involved in "pig butchering" scams, a form of elaborate romance and investment fraud where victims are emotionally manipulated into sending large sums of money. Funnull uses Western cloud providers in the U.S. to route web traffic for these fraudulent sites, effectively masking their origins and making takedown efforts difficult. This method of abusing Western cloud infrastructure is referred to as “Infrastructure Laundering.”
Following U.S. sanctions, many major American tech companies, such as GitHub, PayPal, Twitter/X, LinkedIn, Facebook, Google Groups, and Medium, were found to still host accounts tied to Liu and Funnull, illustrating the challenges in fully curbing their operations.
Despite the sanctions, Funnull's infrastructure continues to be problematic due to insufficient enforcement by tech platforms. The brand is said to be a key enabler of "infrastructure laundering," whereby cybercriminals relay their malicious traffic through US cloud providers.
In conclusion, Funnull is a cloud infrastructure provider deeply embedded in supporting large-scale virtual currency scams, especially pig butchering investment frauds, by offering a content delivery network used by cybercriminals globally. Its operator, Liu “Steve” Lizhi, is a skilled developer who created and maintains this illicit infrastructure, which leverages Western cloud providers to facilitate fraud and money laundering. The U.S. sanctions highlight the ongoing challenges in combating such criminal activities and the need for continued vigilance and cooperation between law enforcement agencies and tech companies.
- Funnull, a Chinese national named Liu "Steve" Lizhi's content delivery network (CDN), has been sanctioned for its role in facilitating illicit virtual currency investment scams, particularly "pig butchering" scams, causing over $200 million in financial losses to American victims.
- Liu, an expert web developer, is believed by cybersecurity analysts to be an enabler of "infrastructure laundering," a method where criminals relay their malicious traffic through US cloud providers using Funnull's CDN.
- Despite the U.S. sanctions, major American tech companies like GitHub, PayPal, Twitter, LinkedIn, Facebook, Google Groups, and Medium continue to host accounts tied to Liu and Funnull, showcasing the difficulties in fully curbing their operations.
- The ongoing challenge in combating such criminal activities, according to the conclusion, necessitates continued vigilance and cooperation between law enforcement agencies and tech companies, addressing Funnull's problematic infrastructure that acts as a key enabler of large-scale virtual currency scams and money laundering.
