Treasury Sanctions FUNNULL for Enabling Global Cybercrime
Back in October 2024, our analysts uncovered and exposed a sprawling network of domains routed through a China-based CDN service called FUNNULL. Our research revealed how this infrastructure quietly enabled cybercriminals — including groups linked to Russia and North Korea — to leverage U.S. cloud providers for malicious activity.
Today, the U.S. Treasury sanctioned FUNNULL, labelling it a major distributor of online scams. This comes just months after our findings were published and reported by Brian Krebs, showing how FUNNULL-supported domains promoted gambling sites tied to Suncity Group — a name cited in a 2024 UN report for laundering money for North Korea’s Lazarus Group.
Cybercrime infrastructure is evolving fast — security teams must adapt a proactive approach to detection.
Resources:
Infrastructure Laundering On-Demand Webinar
Initial Silent Push FUNNULL public report
Book A Demo
The Silent Push Chrome Extension is available to Enterprise users with an API key. Book a quick demo to see how upgrading can help you uncover attacker infrastructure smarter, faster, and with more confidence.
