3rd Avenue and 30th Street, 14th Floor, C6 Road, Purok 5, Net Cube Center, E Square Zone, Lower Bicutan, Fourth District, Taguig City, 1632, National Capital Region, Philippines;
China
Reg. ID
2021090024665-00, Registration Number
Official reason
Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering,” along with its administrator, Liu Lizhi. Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024. Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses. Funnull Technology Inc. (Funnull) enables virtual currency investment scams by purchasing IP addresses in bulk from major cloud services companies worldwide and selling them to cybercriminals to host scam platforms and other malicious web content. Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI. U.S.-based victims of these scam websites have reported over $200 million in losses, with average losses of over $150,000 per individual. These figures likely underestimate the total losses, as many victims of scams do not report the crime. Funnull generates domain names for websites on its purchased IP addresses using domain generation algorithms (DGAs)—programs that generate large numbers of similar but unique names for websites—and provides web design templates to cybercriminals. These services not only make it easier for cybercriminals to impersonate trusted brands when creating scam websites, but also allow them to quickly change to different domain names and IP addresses when legitimate providers attempt to take the websites down. In 2024, Funnull purchased a repository of code used by web developers and maliciously altered the code to redirect visitors of legitimate websites to scam websites and online gambling sites, some of which are linked to Chinese criminal money laundering operations. Liu Lizhi (Liu), a Chinese national, is an administrator of Funnull. Liu was involved in and possessed spreadsheets and other documents containing information about Funnull’s employees, their performance, and their progress on tasks. These tasks included assigning domain names to cybercriminals, including domains associated with virtual currency investment fraud, phishing scams, and online gambling sites. OFAC is designating Funnull pursuant to Executive Order (E.O.) 13694, as further amended by E.O. 14144, for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of cyber-enabled activities originating from, or directed by persons located, in whole or substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose of or involves causing a misappropriation of funds or economic resources, intellectual property, proprietary or business confidential information, personal identifiers, or financial information for commercial or competitive advantage or private financial gain. OFAC is also designating Liu pursuant to E.O. 13694, as further amended by E.O. 14144, for being owned or controlled by, or having acted or purported to act for or on behalf of, directly or indirectly, Funnull.
• Executive Order 13694 of April 1, 2015 Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities
• Executive Order 13757 of December 28, 2016 Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities
• JANUARY 16, 2025 Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity
JANUARY 15, 2025. FACT SHEET: New Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity. Malicious countries and criminals continue to target the United States Government, corporations and individual Americans with cyberattacks. They disrupt critical services, businesses and individual lives, costing billions of dollars and harming national security. This capstone executive order is the result of a review of how these attacks occurred, to understand how to better protect and secure these systems, stay ahead of threats, and make it riskier, costlier and harder for cyber attackers to conduct future attacks.
The United States stands alone among major economies in lacking secure, privacy-preserving digital identity infrastructure, leaving Americans exposed to a wave of cybercrime. Indeed, Americans face $56 billion in identity fraud every year and the U.S. Government confronts billions of dollars in fraud in Federal programs due to the lack of secure, usable digital identities. The Executive Order addresses this problem, making Federal programs more efficient, cutting bureaucracy and fraud, helping Americans be safe online, and promoting America’s digital economy.
Defending against cyber attackers requires rapidly deploying new technologies. The Executive Order addresses this challenge by promoting the use of new AI-based tools for cyber defense and accelerating the transition to “post-quantum cryptographic” algorithms to resist attacks leveraging quantum computing capabilities.
