The United States Treasury has imposed sanctions on Funnull Technology, a Philippines-based tech company, for allegedly enabling large-scale crypto scams. The Office of Foreign Assets Control (OFAC) announced on May 29 that Funnull provided infrastructure and services to thousands of fraudulent investment platforms, helping scammers steal more than $200 million from unsuspecting victims.

Funnull’s Alleged Role in Scam Infrastructure

According to OFAC, Funnull Technology played a central role in facilitating online scams by purchasing internet protocol (IP) addresses in bulk from cloud service providers. These IP addresses were then sold to cybercriminals, who used them to host counterfeit versions of legitimate investment platforms and crypto trading websites. This enabled scammers to impersonate trusted brands and deceive users into handing over their digital assets.

In one particularly alarming incident in 2024, Funnull reportedly acquired a repository of open-source web development code, modified it maliciously, and repurposed it to redirect traffic from genuine websites to fraudulent domains and online gambling platforms. This tactic exploited the trust of everyday users and developers, further blurring the line between authentic and malicious websites.

“These services not only make it easier for cybercriminals to impersonate trusted brands but also allow them to quickly change to different domain names and IP addresses when legitimate providers attempt to take the websites down,” OFAC stated.

Funnull and the Triad Nexus

Blockchain analytics firm Chainalysis has identified Funnull as a central player in a vast network of fraudulent operations, dubbed the Triad Nexus. This network includes more than 200,000 unique hostnames associated with fake trading platforms and crypto investment scams.

According to Chainalysis, crypto wallets linked to Funnull showed “indirect exposure to various types of scams and domain management infrastructure vendors.” The company’s activities reportedly allowed bad actors to cycle through new domains and IPs at an alarming rate, evading takedowns and maintaining a persistent scam presence across the internet.

Sanctions Target Funnull and Administrator Liu Lizhi

Alongside Funnull, OFAC also sanctioned Liu Lizhi, a Chinese national believed to be the firm’s primary administrator. Lizhi allegedly managed employees and oversaw Funnull’s operations. As a result of the sanctions, both Lizhi and Funnull have been added to OFAC’s Specially Designated Nationals and Blocked Persons (SDN) list.

Being placed on the SDN list has significant implications. It freezes any US-based assets held by the sanctioned individuals or entities and prohibits any US citizens or companies from engaging in financial transactions or business dealings with them. Violators may face steep civil or criminal penalties.

Two crypto wallet addresses associated with Funnull were also sanctioned. These wallets, according to Chainalysis, were likely used to receive illicit payments from cybercriminals as part of the firm’s service offerings.

Impact and Global Implications

The US government’s action signals a growing commitment to disrupting the infrastructure that enables crypto-related fraud. By targeting service providers like Funnull, regulators hope to cut off the backend support that allows scam networks to thrive.

This move may also encourage other jurisdictions to take more proactive steps in policing digital infrastructure abuses. As scams become more sophisticated and global, cooperation between regulatory bodies, cybersecurity firms, and law enforcement agencies will be critical in curbing the rise of crypto crime.