The United States government has imposed sanctions on Funnull, a company accused of providing infrastructure for cybercriminals who operate “pig butchering” crypto scams, resulting in $200 million in losses for American victims.
On Thursday, the Treasury’s Office of Foreign Assets Control announced the sanctions, stating that Funnull is “linked to the majority of virtual currency investment scam websites reported to the FBI.” The press release noted that the average loss per victim is $150,000, but the total losses are likely underestimated since many scam victims do not report the crime.
Pig butchering scams typically involve criminals approaching victims online, often under the guise of a romantic relationship, with the intention of deceiving them into investing in fake crypto projects.
According to the Treasury, Funnull is a Philippines-based company run by Chinese national Liu Lizhi, who was also sanctioned on Thursday.
The Treasury alleges that Funnull generates domain names for websites hosted on IP addresses it owns and provides “web design templates to cybercriminals.”
“These services not only make it easier for cybercriminals to impersonate trusted brands when creating scam websites, but also allow them to quickly change to different domain names and IP addresses when legitimate providers attempt to take the websites down,” the Treasury said.
The FBI released an alert with additional information about these activities.
The Treasury referenced the Polyfill supply chain attack in its press release, stating that Funnull “purchased a repository of code used by web developers and maliciously altered the code to redirect visitors of legitimate websites to scam websites and online gambling sites, some of which are linked to Chinese criminal money laundering operations.”
These activities are consistent with the accusations made by researchers from cybersecurity firm Silent Push against Funnull last year. The researchers found that Funnull was responsible for the Polyfill supply chain attack, which aimed to push malware to visitors of websites using Polyfill’s code, redirecting them to a network of casino and online gambling sites.
Zach Edwards, a researcher at Silent Push who worked on the Funnull report last year, told TechCrunch that he was “really glad to see the facts aligned with our suspicions.”