Source URL: https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/
Source: Krebs on Security
Title: U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Feedly Summary: The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers.
AI Summary and Description: Yes
**Summary:** The text details recent sanctions imposed by the U.S. government on Funnull Technology Inc., a company linked to a variety of cybercrimes, particularly scams involving virtual currencies. The discussion highlights how such cybercriminal enterprises exploit U.S.-based cloud infrastructure to perpetrate fraud, and contrasts the actions taken against Funnull with those against another entity, Stark Industries Solutions, which has also been implicated in malicious cyber activities. This information is highly relevant for professionals in security and compliance, particularly regarding cloud computing security and regulatory responses to cyber threats.
**Detailed Description:**
The text provides a comprehensive overview of the activities of Funnull Technology Inc., which has been sanctioned due to its involvement in cybercrime, particularly fraud schemes associated with cryptocurrency. Key points include:
– **Sanction Details:**
– The U.S. Department of the Treasury imposed sanctions on Funnull Technology Inc. and its administrator Liu Lizhi, labeling them as facilitators of various scams.
– Funnull’s operations reportedly led to over $200 million in financial losses for U.S. citizens.
– **Nature of the Scams:**
– The “pig butchering” scam involves deceiving individuals into investing in fraudulent cryptocurrency platforms, leading to significant financial losses without any returns.
– Victims are often coerced into paying additional fees to access their funds, thus exacerbating their losses.
– **Criminal Infrastructure:**
– Funnull operates as a content delivery network (CDN) that supports scam websites. It routes fraudulent traffic through U.S.-based cloud services to avoid detection and enhance operational security.
– The FBI provided a technical report detailing the infrastructure used by Funnull and how it managed malicious domains.
– **Responses from Cloud Providers:**
– Both Amazon and Microsoft have publicly acknowledged the issue, with Amazon stating that it actively combats abuse on its AWS platform. However, reports indicate that Amazon has struggled to completely remove Funnull’s presence from its network.
– **Comparison with Other Entities:**
– The text draws parallels with a separate case concerning Stark Industries Solutions, sanctioned by the EU for its involvement in cyberattacks and disinformation campaigns. This suggests a broader trend of regulation against cybercriminals leveraging cloud infrastructure.
– **Implications for Security and Compliance:**
– The reliance of cybercriminals on U.S. cloud services highlights significant challenges for organizations in ensuring robust security and compliance.
– The sanctions emphasize the need for regulatory frameworks that can effectively respond to cyber threats while balancing the operational demands of legitimate cloud users.
**Key Insights for Professionals:**
– As cybercriminals increasingly exploit the anonymity provided by cloud infrastructures, organizations must implement stricter security measures and compliance checks to mitigate risks.
– Understanding the dynamics of threats and regulatory responses will be essential for maintaining a secure operational environment, particularly for stakeholders in the cloud computing security domain.