The U.S. Treasury Department on Friday sanctioned a cryptocurrency mixing service for the first time, citing evidence that it was used to launder funds stolen by North Korean state-backed hackers.
The department’s Office of Foreign Assets Control (OFAC) said the Blender.io service was used to process more than $20.5 million in illicit proceeds from a March attack on the Ronin Network, which connects the Axie Infinity online game to the Ethereum blockchain. That incident, which cost the company more than $620 million at the time, was linked to North Korean hackers known as the Lazarus Group.
“Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests,” said Brian E. Nelson, undersecretary of the Treasury for terrorism and financial intelligence. “We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
For the first time ever, Treasury has sanctioned a virtual currency mixer. https://t.co/FqzTn4UISd is used by the DPRK to support malicious cyber activities & money-laundering of stolen virtual currency. https://t.co/LS0pnsOlqB pic.twitter.com/ISCoQgBxkv
— Treasury Department (@USTreasury) May 6, 2022
Blender.io has services that operate in English and Russian. The operators had not posted anything on the website or their Telegram channels about the sanctions as of Friday morning. The service did not immediately reply to an email from The Record. In the past, Blender.io has provided information through the bitcointalk.org forum. Its most recent post was about a temporary shutdown on April 5.
The Blender.io website was unavailable as of 10 a.m. Eastern time.
The Treasury attributed the Ronin Network hack to the Lazarus Group in mid-April. On Friday, OFAC added more Lazarus Group-linked cryptocurrency wallets to its list of sanctioned entities. OFAC initially sanctioned the group in September 2019.
Friday’s announcement takes a dim view of cryptocurrency mixers, which are often touted as a way for coin owners to protect their privacy.
“Blender.io (Blender) is a virtual currency mixer that operates on the Bitcoin blockchain and indiscriminately facilitates illicit transactions by obfuscating their origin, destination, and counterparties,” OFAC said. “Blender receives a variety of transactions and mixes them together before transmitting them to their ultimate destinations.”
The investigation also found links to transactions by Russia-linked “ransomware groups including Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab,” OFAC said.
Authorities and cryptocurrency exchanges continue to track the proceeds from the Ronin Network heist. In late April the Binance exchange said it was freezing $5.8 million in funds linked to the attack. When OFAC first attributed the attack to Lazarus, cryptocurrency-tracking company Elliptic noted that millions of dollars’ worth of digital assets from the incident already had moved through various services.
Lazarus Group’s interest in cryptocurrency has increased in recent years as the North Korean government continues to look for ways to bring in money while evading global sanctions for its nuclear program and other offenses.
The post US Treasury sanctions cryptocurrency mixer for first time, citing Ronin Network hack appeared first on The Record by Recorded Future.
Article Link: US Treasury sanctions cryptocurrency mixer for first time, citing Ronin Network hack