A Chinese national and the Philippine company he worked for are sanctioned by the US Treasury on Thursday for facilitating a massive pig butchering scam network that swindled Americans out of a whopping $200 million.
The US Treasury Department’s Office of Foreign Assets Control (OFAC) handed down sanctions against Funnull Technology Inc. and its administrator, Liu Lizhi, for providing the technology infrastructure to carry out a massive number of virtual investment schemes targeting victims in the US.
Based in the Philippines, OFAC says that Funnull Technology was used to provide computer infrastructure for hundreds of thousands of websites used to facilitate the scams.
“Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024. Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses,” the US Treasury said on Thursday.
Today, the Department of the Treasury’s Office of Foreign Assets Control sanctioned Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as…
undefined Treasury Department (@USTreasury) May 29, 2025
Pig butchering scams, also known as romance scams, are when a bad actor uses a fake persona to forge a romantic relationship with the victim, with the sole purpose of eventually convincing them to invest money on fraudulent platforms, often based in virtual currency.
"The scammers leverage fictitious identities, the guise of potential relationships, and elaborate storylines to deceive victims into believing they are in trusted relationships," OFAC said.
Once the victim invests their money, usually in small amounts at first to gain their trust, the bad actor will disappear, leaving the victim heartbroken and penniless.
It is estimated that each individual victim has been swindled out of about $150,000, with a grand total of at least $200 million, according to the Treasury since 2023. But in reality, the amount of losses is probably much higher, as many victims do not come forward and report these types of crimes due to shame or embarrassment.
A Treasury alert on pig butchering scams additionally pointed out that they are “largely perpetrated by criminal organizations based in Southeast Asia” and often use forced labor to conduct the outreach to find unsuspecting victims.
In June, the FBI warned that romance scammers have upped their game with the use of AI, fueling a 137% increase in sextortion schemes this year alone.
Funnull distributed hundreds of thousands of IP addresses
Funnull Technologies is accused of facilitating the scams by purchasing IP addresses in bulk from major cloud service companies and then providing the infrastructure services to host the ‘appearing-to-be’ legitimate crypto investment platforms, websites, and applications.
“Funnull acquires these facilities from legitimate providers in the United States and sells them to cyber criminals,” officials said.
The FBI, in tandem with Thursday's sanctions, also put out a cybersecurity advisory seeking the public's help to take down more of these companies and providing the indicators of compromise (IOCs) "associated with malicious cyber activities linked to Funnull Technology."
Since January 2025, the FBI said it has identified 548 unique Funnull Canonical Names (CNAME) linked to over 332,000 unique domains.
"Funnull generates domain names for websites on its purchased IP addresses using domain generation algorithms (DGAs)—programs that generate large numbers of similar but unique names for websites—and provides web design templates to cybercriminals," the FBI said.
This allows the cybercriminals to easily create websites that impersonate trusted brands and then quickly change IP addresses and domain names once discovered by authorities or providers who attempt to take them down.
In 2024, Funnull was said to have even purchased a repository of code that the company maliciously altered to redirect users on legitimate websites to scam websites and online gambling sites linked to Chinese criminal money laundering operations.
Meanwhile, Liu, a 40-year-old Chinese national linked to addresses in Shanghai and Ganzhou, according to Reuters, was said to be responsible for assigning the domain names to the cybercriminals.
Liu was also said to possess Funnull spreadsheets and other documents containing information about its employees, their performance, and their progress on tasks.
Your email address will not be published. Required fields are markedmarked