Crypto mixers have caught the hot end of the stick that is the U.S.’ efforts to sanction North Korea, thanks to their inability to stop DPRK-affiliated groups from using their services to launder ill-gotten gains.
On Monday, the U.S. Department of the Treasury sanctioned virtual asset mixer Tornado Cash, saying that, all in all, it’s been used by virtual crooks to launder $7 billion in crypto since it was first launched in 2019. Officials wrote in a release that the stolen billions include $455 million of the total $625 million stolen from the Ronin Network used by NFT-based game Axie Infinity. The FBI has said that the North Korean-affiliated Lazarus Group was behind the hack.
With the announcement, the Office of Foreign Assets Control added Tornado Cash to its list of blocked nationals and persons, called the Specially Designated Nationals and Blocked Persons List, which includes cryptocurrency addresses. The agency did say that entities can get themselves removed from the list by complying with the agency’s complaints and then requesting their name be stricken from the files. But as of now, practically every Tornado Cash-affiliated wallet has been added to the sanctions list.
Crypto mixers effectively take multiple users’ crypto and then shuffle it around before doling back to each user their original amount, minus a fee. This helps obscure the source of the original crypto address. Of course, Tornado isn’t the only mixer that’s been cited for use by crypto thieves. A recent report showed that 10% of funds sent to mixers came from supposed illicit accounts, and it’s been getting progressively worse. The report also noted Lazarus Group was responsible for 30% of all sanctioned companies’ activity on mixers.
In addition, Treasury officials said Tornado was used to launder over $96 million from the Harmony Bridge hack (another breach connected to Lazarus) and $7.8 million from the recent Nomad heist. Other crypto security firms like Elliptic have also tracked the numbers of bad actors moving their crypto through Tornado Cash. Elliptic reported there have been $1.54 billion worth of ether and USDC processed through the mixer, where $462.3 million of that was from sanctioned entities like Lazarus.
Gizmodo reached out to Tornado Cash through its Twitter account, but did not immediately hear back.
Some users online suggested Blender perform a fork, basically duplicating itself from a previous version, to get around the new sanctions. A Treasury Department official told reporters they would be watching for any “rebranding” efforts.
That sanction effectively mandates that any U.S. citizen who trades or receives money connected to addresses from Tornado Cash can be prosecuted under sanctions laws. This isn’t the first mixer to have this black mark added to its name. Blender.io was previously sanctioned by OFAC for similarly facilitating North Korean-affiliated money laundering.
Brian Nelson, Under Secretary for the Treasury for Terrorism and Financial Intelligence, said in the release that “despite public assurances otherwise,” the mixer hadn’t imposed controls to stop bad actors from using the mixer to launder funds.
The popular Tornado Cash platform operates on multiple blockchains including Ethereum and Binance Smart Chain. Crypto proponents have argued that mixers, while used by criminals, are also used by people looking to maintain their own privacy online, or avoid censors from government sources.
However, the Chainalysis report notes that crypto sourced from DeFi or P2P exchange projects is absolutely dwarfed among the illicit money being mixed. Other wallets with mixing features, like Wasabi, have announced they would start blocking certain transactions on their mixing protocols.