🚨 Crypto Scam Alert: FBI Uncovers Massive Infrastructure Behind Global Investment Frauds
💡 Introduction
In an urgent security bulletin released on May 29, 2025, the FBI, in coordination with DHS/CISA, has issued a FLASH alert warning the global cybersecurity community of a large-scale infrastructure operation that has supported cryptocurrency investment frauds—commonly known as "Pig Butchering Scams." The center of this cybercriminal web is a company named Funnull Technology Inc., operating out of the Philippines.
🧠 What is “Pig Butchering”?
Pig butchering scams are a blend of romance scams and investment frauds. Criminals initiate contact with victims through social platforms or messaging apps, feigning romantic interest or friendship. Once trust is established, they lure the victim into investing in fraudulent crypto platforms. The money, rather than being invested, is directly siphoned off by the scam operators.
🕸️ Infrastructure Behind the Scams
The FBI has identified that Funnull Technology Inc. has been instrumental in providing backend infrastructure—IP addresses, hosting, and DNS services—for thousands of fraudulent websites.
Key Findings:
-
548+ unique Canonical Names (CNAMEs) associated with Funnull were discovered.
-
These CNAMEs mapped to over 332,000 domains—many mimicking legitimate crypto platforms.
-
Mass migrations of IP addresses across these domains suggest coordinated fraud infrastructure.
🌐 Notable Suspicious Domains
A small sample of domain names connected to the infrastructure includes:
-
bakkt-crypto.com -
coinbase-mpred.com -
bitcoincvb.top -
asx-redirectext.com -
bitopiklc.com
⚠️ Mitigation Recommendations
For Internet Providers, DNS Providers & Security Vendors:
-
Elevate the risk score for domains hosted on Funnull-related infrastructure.
-
Enable risk-based user warnings on suspicious domains.
For End Users:
-
Never assume a green lock (HTTPS) means a site is safe.
-
Be cautious with unsolicited investment offers from strangers online.
For Investors:
-
Verify if the investment firm is registered with regulatory bodies like the National Futures Association (NFA) or FINRA.
📣 What to Do If You Spot a Scam
Report suspicious activity immediately to your nearest FBI cyber squad via:
Include as many details as possible:
-
Time & location of incident
-
Domain or website used
-
Screenshots or logs
-
Any communications from the scammer
📢 Final Thoughts
The scale and sophistication of these scams underscore the importance of vigilance, verification, and early reporting. The FBI’s unprecedented public release of this infrastructure is a call to action for security professionals, domain registrars, browser makers, and end users.
Stay informed. Stay protected. And never trust investment offers that come from strangers with sweet words and fast returns.
