U.S. Sanctions Funnull Technology for $200M Crypto Romance Scams

Taguig, Philippines, May 30, 2025 - The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has imposed sanctions on Funnull Technology Inc., a Philippines-based company, and its administrator, Liu Lizhi, for their role in facilitating cryptocurrency scams that have cost Americans over $200 million. The company, headquartered in Taguig, is accused of providing infrastructure for thousands of websites involved in romance baiting scams, also known as "pig butchering," which deceive victims into fake crypto investments. This move signals a broader U.S. effort to crack down on cybercrime networks exploiting digital currencies.

Funnull’s Role in Crypto Scams Exposed

The Treasury Department revealed that Funnull Technology enabled virtual currency investment scams by purchasing IP addresses in bulk from major cloud providers like Amazon Web Services (AWS) and Microsoft Azure, then reselling them to cybercriminals. These addresses were used to host fraudulent platforms mimicking legitimate investment sites. Funnel also employed domain generation algorithms (DGAs) to create numerous unique domain names and provided web design templates, allowing scammers to impersonate trusted brands and evade detection.

According to the FBI, since January 2025, Funnull’s infrastructure has been linked to 548 unique Canonical Names (CNAME) tied to over 332,000 domains. Between October 2023 and April 2025, hundreds of these domains were observed migrating simultaneously to new IP addresses, showcasing the scale and agility of the operation.

ALSO READ | SEC Drops Binance Lawsuit in Major Crypto Policy Shift

A History of Malicious Activity

Funnull, also known as Fang Neng CDN, first gained notoriety in June 2024 after acquiring the Polyfill.io JavaScript library and manipulating its code to redirect users from legitimate websites to scam and gambling sites, some of which are linked to Chinese money laundering operations. The Treasury alleges that Liu Lizhi, a Chinese national and Funnull’s administrator, oversaw these activities, maintaining records of employee tasks that included assigning domain names to criminals for phishing, fraud, and illicit gambling. Cybersecurity firm Silent Push previously identified Funnull’s infrastructure as part of the "Triad Nexus," a network promoting fake trading apps and suspect gambling operations.

Recent data indicates that Funnull’s operations have contributed to a record $16.6 billion in cybercrime losses for Americans in 2024, with investment scams alone accounting for $6.5 billion.

Did You Know?
Romance baiting scams, often called "pig butchering," are named after the tactic of "fattening up" victims with false promises before exploiting them financially.

Impact on Victims and U.S. Response

The Treasury estimates that U.S. victims have lost over $200 million to Funnull-linked scams, with an average loss of $150,000 per individual. These romance-baiting scams typically involve fraudsters posing as romantic partners online, building trust before luring victims into fake crypto investments. The sanctions freeze all U.S.-based assets of Funnull and Liu Lizhi and prohibit American entities from engaging with them.

This action follows a broader trend, as the U.S. has recently targeted other cybercrime facilitators, including sanctions on Russia-based Evil Corp in October 2024 for ransomware attacks. Posts on X reflect growing public concern, with many users highlighting the need for stronger protections against such scams in the crypto space.