đˇ What Are âPig Butcheringâ Scams?
âPig butcheringâ scams are long-con frauds where criminals build fake online relationshipsâoften romanticâto trick victims into investing in bogus crypto platforms. Victims are âfattened upâ with fake profits before being scammed out of their savings.
According to the U.S. Treasury, more than $200 million in American funds were stolen using infrastructure linked to Funnull Technology Inc., a Philippines-based cloud provider.
đ Why Funnull Was Sanctioned
Funnull allegedly provided technical infrastructure that enabled scam operators to thrive by:
-
Leasing IP addresses from AWS and Azure, then distributing them to phishing and scam websites.
-
Hosting crypto scam websites with quick domain-switching to evade detection.
-
Supporting wallets and payment gateways used in laundering stolen funds.
The Treasury also sanctioned Liu Lizhi, a Chinese national operating behind Funnull.
đ See official OFAC release
đĄ Why Pig Butchering Uses U.S.-Based Cloud Services
Cybercriminals favor hosting through U.S. cloud providers to:
-
Avoid geo-blocking and improve speed to Western victims.
-
Lend legitimacy to scam IPs and domains.
-
Delay takedown requests by hiding behind shared infrastructure.
âď¸ Global Response: U.S. and EU Crack Down
The U.S. Treasury and EU authorities are taking coordinated action:
-
Sanctioning cloud providers like Funnull.
-
Freezing crypto wallets connected to scam operations.
-
Increasing scrutiny on infrastructure leasing practices.
đ Read the Reuters coverage
đĄď¸ Cybersecurity Takeaways
| Stakeholder | Recommended Action |
|---|---|
| Cloud Providers | Tighten vetting, block abuse vectors, monitor suspicious use |
| Security Teams | Block sanctioned IPs, use threat intel feeds |
| Blockchain Analysts | Track scam-linked wallets using Chainalysis tools |
| Policy Makers | Mandate accountability for infrastructure misuse |
đ§ Expert Insight
-
Elliptic: Tracked crypto wallet activity tied to Funnull.
-
Chainalysis: Identified pig butchering scam clusters and wallet flows.
-
Silent Push: Helped uncover domain rotation and abuse infrastructure.
â Final Thoughts
Funnullâs sanction is a bold step in dismantling global cyberfraud networks. It highlights a growing trend: âInfrastructure launderingâ via cloud platforms. To combat this, defenders must collaborate across security, cloud, and crypto sectorsâand remain ever vigilant.