U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
The U.S. government has taken a significant step in cracking down on cybercrime by imposing economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as "pig butchering." This move comes after months of investigations and warnings from security experts, who have exposed the dark underbelly of Funnull's operations.
A Target of U.S. Authorities
In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers. The report revealed that Funnull had been facilitating several virtual currency investment scam schemes, resulting in over $200 million in U.S. victim-reported losses.
The "Pig Butchering" Scam
The Treasury Department described the pig butchering scam as a rampant form of fraud where people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out.
A Global Problem with U.S.-Based Cloud Providers
The use of U.S.-based cloud providers has proven to be a boon for cybercriminals, as many organizations will not aggressively block traffic from these networks due to concerns about blocking access to legitimate web destinations. This lack of oversight allows scammers to funnel their bad traffic through U.S. cloud Internet providers, making it difficult for law enforcement agencies to track and disrupt their operations.
A Shared Responsibility
Security experts like Zach Edwards of Silent Push have highlighted the shared responsibility between U.S.-based cloud providers and law enforcement agencies in combating cybercrime. While Amazon has taken steps to address the issue, including stopping hundreds of attempts related to this group, other companies are still struggling with removing Funnull servers from their networks.
A Sanctioned Infrastructure
The EU has also imposed sanctions on Stark Industries Solutions, an ISP that was used as a global proxy network by Russian cybercrime groups. The EU said that Stark and its co-founders had enabled various Russian state-sponsored actors to conduct destabilizing activities, including coordinated information manipulation and interference.
A New Era of Cooperation
The U.S.-EU sanctions on Funnull and Stark Industries Solutions demonstrate a new era of cooperation in combating cybercrime. As the threat landscape continues to evolve, it is clear that international collaboration will be crucial in disrupting the operations of cybercriminals and bringing them to justice.
A Call to Action
As we move forward in this fight against cybercrime, it is essential that U.S.-based cloud providers take a proactive role in addressing these issues. By working closely with law enforcement agencies and security experts, we can create a safer online environment for all users and bring those responsible for these heinous crimes to justice.
A Shared Future
The future of cybersecurity is uncertain, but one thing is clear: it will require a collective effort from governments, cloud providers, and security experts to protect our online lives from the threats that lurk in the shadows. By working together, we can create a safer and more secure digital world for everyone.