Essential Insights
- The U.S. Treasury sanctioned Funnull Technology Inc. and its administrator Liu Lizhi for facilitating romance baiting scams, resulting in over $200 million in losses for American victims.
- Funnull has been implicated in cybercrime, using its infrastructure to host thousands of investment scams and fake trading applications, with a significant focus on infrastructure laundering.
- The company generates and sells domain names to cybercriminals, enabling them to quickly adapt and evade takedown efforts while impersonating trusted brands.
- The FBI tracked 548 unique Funnull CNAMEs associated with over 332,000 domains, highlighting extensive criminal activity from October 2023 to April 2025.
Underlying Problem
On May 30, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on Funnull Technology Inc., a company based in the Philippines, along with its administrator, Liu Lizhi. This action stemmed from Funnull’s provision of critical infrastructure that facilitated extensive romance baiting scams, which have collectively resulted in losses exceeding $200 million for U.S. victims. Reports indicate that thousands of websites associated with Funnull have perpetuated cryptocurrency investment scams, with an average loss of over $150,000 per individual.
Funnull, also known as Fang Neng CDN, initially drew scrutiny from cybersecurity experts due to its earlier involvement in a supply chain attack and the dubious practice of “infrastructure laundering.” This involved leasing IP addresses from reputable cloud service providers, including AWS and Microsoft Azure, which were then used to host fraudulent platforms. The Treasury’s assertions detail how Funnull not only generated domains for cybercriminals but also provided design templates, thereby streamlining the process for creating deceptive websites. The FBI corroborated these findings, identifying over 332,000 unique domains linked to Funnull and observing troubling patterns of IP activity indicative of ongoing criminal operations.
Potential Risks
The recent sanctions against Funnull Technology Inc. and its administrator, Liu Lizhi, illuminate significant risks to businesses and organizations that may inadvertently engage with compromised service infrastructures. Primarily, companies reliant on cloud service providers must remain vigilant, as the exploitation of reputable IP address networks for malicious activities like romance baiting scams can lead to reputational damage, regulatory scrutiny, and potential legal liabilities. As Funnull’s operations demonstrate, the use of infrastructure laundering poses a dual threat: it not only facilitates the rapid proliferation of fraudulent websites but also undermines consumer trust across legitimate sectors by muddying the waters between authentic and deceptive online presences. Consequently, businesses could face substantial financial losses from regulatory fines, customer attrition, and increased cybersecurity costs aimed at mitigating the fallout from such compromised associations.
Possible Actions
The urgency of responding to the U.S. sanctions on Funnull over the $200 million romance baiting scams linked to crypto fraud cannot be overstated. Swift action is vital to mitigate reputational damage and financial losses.
Mitigation Measures
- Enhanced Monitoring: Implement advanced network surveillance tools to detect anomalous financial transactions.
- Public Awareness Campaign: Foster awareness through community outreach, emphasizing the risks of romance scams and crypto fraud.
- Collaboration with Law Enforcement: Strengthen partnerships with federal and local agencies to streamline reporting and response to such scams.
- Incident Response Protocols: Develop comprehensive incident response strategies that include immediate reporting and remediation processes.
- Policy Review and Updates: Regularly update compliance policies to reflect the evolving landscape of sanctions and fraud prevention techniques.
- Training Programs: Conduct training for employees and stakeholders on identifying and responding to potential fraud attempts.
NIST CSF Guidance
The NIST Cybersecurity Framework (CSF) emphasizes the necessity of a holistic approach to risk management. Specifically, refer to the Framework’s Protect function, which underscores the importance of safeguarding assets and ensuring continuity of operations. For comprehensive specifics, consult NIST Special Publication 800-53, which provides detailed controls for security and privacy.