The U.S. Department of Justice has seized cloud computing infrastructure tied to subsidiaries of Huione Group, a Cambodia-based corporate conglomerate that federal authorities say served as the backbone of a multi-billion-dollar criminal money laundering network fueling Southeast Asian fraud operations.
What Was Seized and Why It Matters
Federal prosecutors targeted cloud computing accounts operated by Huione Group subsidiaries that functioned as critical financial infrastructure for large-scale cybercrime. The seized accounts were used to process and conceal fraud proceeds before converting them into the traditional banking system via cryptocurrency blockchain networks. The action represents one of the most significant disruptions to a transnational cybercriminal money laundering network in recent years.
Huione Guarantee: A Criminal Marketplace on Telegram
At the center of the operation was Huione Guarantee, also known as Haowang Guarantee, a Telegram-based marketplace that openly handled trade in stolen financial credentials, services connected to human trafficking procurement, and the laundering of proceeds from romance scams. The platform operated through dedicated Telegram channels, providing cybercriminals with a structured marketplace to buy, sell, and move illicit funds at scale.
The Financial Crimes Enforcement Network (FinCEN) assessed that entities linked to Huione Group processed no less than $4 billion in fraud proceeds between August 2021 and January 2025. Those funds were traced back primarily to pig butchering scam centers operating across Southeast Asia — operations that use prolonged online relationship manipulation to convince victims to invest in fraudulent cryptocurrency platforms before disappearing with the funds.
FinCEN Moves to Expand Huione Definition
Concurrent with the DOJ seizure action, FinCEN issued a notice of proposed rulemaking that would formally add H-Pay Service PLC to the regulatory definition of the Huione Group.
FinCEN Notice: Adding H-Pay Service PLC to the Huione Group Definition
The proposed rule would designate H-Pay as a primary money laundering concern under the Bank Secrecy Act, a designation that would impose significant restrictions on U.S. financial institutions conducting transactions linked to the entity.
The regulatory move signals that federal authorities view the Huione ecosystem as broader than previously defined and that enforcement is extending to financial service arms that may have operated at some remove from the more visible criminal marketplace channels.
Victims and the Broader Fraud Ecosystem
The fraud proceeds laundered through Huione-linked infrastructure originated largely from victims in the United States and other countries who were targeted by investment fraud and romance scam operations. Pig butchering schemes — named for the practice of “fattening” victims with trust before defrauding them — have caused billions of dollars in losses to American consumers and represent one of the fastest-growing categories of fraud tracked by federal law enforcement.
How Pig Butchering Proceeds Flowed Through Huione-Linked Infrastructure
Scam centers operating in Myanmar, Cambodia, and other parts of Southeast Asia have increasingly relied on sophisticated cryptocurrency laundering infrastructure to move money across borders and convert criminal proceeds into usable funds, often through a layered chain of exchanges, wallets, and corporate intermediaries.
Impact and Industry Consequences
The seizure directly disrupts cloud-based infrastructure that criminal actors were using to move money, potentially severing connections between the fraud scam centers and their laundering networks. For financial institutions and cryptocurrency compliance teams, the FinCEN proposed rulemaking creates an impending obligation to screen for H-Pay Service PLC exposure and update transaction monitoring controls accordingly.
The enforcement action also signals the growing willingness of U.S. authorities to pursue cloud infrastructure providers and corporate conglomerates that knowingly or negligently host criminal financial operations — not just the individual actors running scam campaigns. With billions of dollars in fraud proceeds flowing through Huione-linked entities over a span of roughly three and a half years, the case marks a high-water mark in coordinated DOJ and FinCEN action against transnational cybercrime financial infrastructure.
Sentencing and further criminal proceedings are expected to follow as the DOJ continues to pursue individuals and entities connected to the broader Huione Group network.
