U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major crypto losses through fraud infrastructure.

Security Affairs
🚨 BREAKING NEWS: The U.S. government discovered that a cloud provider named "Funnull" is actually an all-you-can-eat buffet for #scammers. 🍖 Apparently, their servers are full of "pig butchering" acts—because why settle for small-time cons when you can go whole hog? 🐖🐷💸
https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/ #BreakingNews #CloudProvider #Funnull #PigButchering #CyberFraud #HackerNews #ngated
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams - Image: Shutterstock, ArtHead.
The U.S. government today imposed economic sanctions... https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/ #starkindustriressolutionsltd #infrastructurelaundering #neer-do-wellnews #alittlesunshine #ivanneculiti #lazarusgroup #suncitygroup #yurineculiti #webfraud2.0 #zachedwards #silentpush #microsoft #funnull #amazon
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

Infrastructure Laundering: Blending in with the Cloud – Krebs on Security

🚨 New Cybercrime Tactic Alert: Infrastructure Laundering: Cybercriminals are exploiting cloud services like AWS & Azure to fuel phishing, scams, & money laundering. The #FUNNULL CDN is abusing IP rentals for large-scale fraud.

Read: https://hackread.com/funnull-aws-azure-abused-global-cybercrime-operations/

#CyberSecurity #CyberCrime #AWS #Azure #Fraud

FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations

Follow us on Bluesky, Twitter (X) and Facebook at @Hackread

Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News

> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.

https://arstechnica.com/security/2024/07/384000-sites-link-to-code-library-caught-performing-supply-chain-attack/

#polyfillio #supplyChain

384,000 sites pull code from sketchy code library recently bought by Chinese firm

Many website admins, it seems, have yet to get memo to remove Polyfill[.]io links.

Ars Technica

https://go.theregister.com/feed/www.theregister.com/2024/06/28/polyfillio_cloudflare_malware/

Trustworthy business: „[…] #Funnull claims to be based in Slovenia while also "made in the USA," its various office addresses around the world on its website don't exist, and its WhatsApp and WeChat contact number is in the Philippines. The site's underlying language and Telegram profile is in Mandarin […]. The #Polyfill Twitter account meanwhile says it's based in the UK.“

Polyfill.io owner punches back at 'malicious defamation' amid domain shutdown

No supply-chain attacks to see over here!

The Register