Ongoing battle against cybercrime, according to Silent Push CEO: A never-ending game of cat and mouse
Unmasking Funnull: The Persistent Cybercrime Organization Behind Virtual Currency Scams
Funnull, a cybercrime organization sanctioned by the US Treasury in 2022, continues to operate, primarily as a content delivery network (CDN) infrastructure for virtual currency investment scams. These scams, often referred to as "pig butchering" schemes, have swindled U.S. victims out of more than $200 million, with an average loss of $150,000 per individual.
Recent developments have shed light on Funnull's activities. In May 2022, the US Treasury and FBI issued a joint advisory explicitly linking Funnull to the majority of virtual currency investment scams reported to the FBI. Since then, Funnull's administrator, Liu Lizhi, a Chinese national, and associated accounts have been under scrutiny and sanctioned, requiring Western cloud companies to terminate their relationships to comply with U.S. regulations.
The FBI has identified 548 unique Funnull Canonical Names (CNAME) linked to over 332,000 unique domains. These domains, often masked using major Western cloud providers such as Amazon and Microsoft, are used to host fraudulent investment websites and facilitate "infrastructure laundering."
Silent Push, a cybersecurity takedown firm, has been tracking Funnull since 2021 and maps the criminal groups as they build out their infrastructure. The goal is to use this knowledge to break up the entire ecosystem of cybercrime. Silent Push collects massive amounts of data on the organizations, which law enforcement can use to build criminal cases and disrupt their operations.
The scale of Funnull's cybercrime infrastructure is described as ridiculously large. Cybercrime groups become aware of Silent Push's activities, potentially leading to other issues. A US financial services company identified a cybercrime organization in 2021 that was spoofing their trading app for financial theft.
The World Economic Forum is collaborating with Silent Push's founder, Bagnall, on the Cyber Crime Atlas project. The aim of the project is to map out relationships between criminal groups. The project provides free access to its platform, data, and analysts, with the goal of helping law enforcement agencies worldwide to combat cybercrime more effectively.
Bagnall emphasizes that cybercrime is a national issue that needs to be addressed on a national level. He suggests that organizations like Funnull, based in China, North Korea, and Russia, operate with tacit approval or outright support from their governments. Bagnall urges countries to recognize and address cybercrime as a national issue to have a better chance of clamping down on it.
This privateering of cybercrime is likened to the historical period of privateers like Francis Drake, who operated with a subtle nod from their home governments. The Cyber Crime Atlas project is a step towards exposing and dismantling these modern-day cyber pirates, providing a crucial tool for law enforcement agencies worldwide in their fight against cybercrime.
- The AI-powered Cyber Crime Atlas project, a collaboration between the World Economic Forum and Silent Push, aims to map out relationships between cybercrime organizations like Funnull, potentially revealing tacit government support.
- With a gigantic infrastructure reportedly used for virtual currency scams, Funnull, sanctioned by the US Treasury in 2022, continues to operate, exploiting Western cloud computing technology and infrastructure laundering.
- The FBI has linked Funnull to more than half of the virtual currency investment scams reported to them, with the organization's administrator, Liu Lizhi, under scrutiny.
- Cybersecurity takedown firm Silent Push collects extensive data on cybercriminal organizations, such as Funnull, to help law enforcement build cases and disrupt their operations, contributing to the fight against cybercrime on a global scale.
