North Korea has laundered $1 billion in crypto via Tornado Cash - and the US Treasury just slammed the platform with sanctions
prosen@insider.com (Phil Rosen) - Yesterday
© REUTERS/KCNANorth Korean leader Kim Jong Un. REUTERS/KCNA
The US Treasury sanctioned Tornado Cash, a cryptocurrency platform used by criminals for obscuring origins of funds.
As of Monday, all US entities or persons are barred from using Tornado Cash.
North Korea cyber-criminals have laundered $1 billion in crypto through this platform, TRM Labs said.
The US Treasury Department's Office of Foreign Asset Control on Monday sanctioned crypto platform Tornado Cash, which North Korean hackers have used for laundering.
The sanctions prohibit any Americans or American entities from using Tornado Cash. The government alleged the platform had shortcomings that benefited cyber-criminals, who have used Tornado Cash to launder $7 billion in crypto.
"Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks," said Brian Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, in a statement.
And according to a separate estimate from TRM Labs, North Korea alone has laundered approximately $1 billion in stolen funds through Tornado Cash.
Related video: Americans Banned From Using Crypto-Mixing Service Tornado CashDuration 9:28 View on Watch
The digital asset mixer — which is used to obscure the origins of funds and privately transact on the Ethereum blockchain — was involved in the Axie Infinity hack in March, when North Korean cyber-criminal group Lazarus stole $625 million.
"Today's sanctions against Tornado Cash is a watershed moment, not only for the crypto industry, but for financial sanctions writ-large as it targets, as, opposed to prior sanctions, a widely used mixing service and, potentially, answers the question of whether or not US regulators and law enforcement are going to tolerate the use of mixers to launder illicit proceeds," Ari Redbord, head of legal and government affairs at TRM Labs, told Insider in emailed comments.
Efforts to reach Tornado Cash for comment were not successful.
Redbord also noted that North Korea in particular is a cash-strapped government with minimal export revenues, so cryptocurrency laundering has a particularly high upside for the nation's bad actors and could be used to fund weapons programs.
In April, Redbord told Insider that North Korean groups have perpetrated many online hacks, but they've grown increasingly sophisticated over time.
"Over the last year or so, we've moved from a post 9/11 world into a new digital battlefield," he said previously. "Nation-state actors know to go after crypto businesses to fund real weapon proliferation. It's not just some hackers trying to fund a lifestyle."
The U.S. Treasury on Monday sanctioned a virtual currency mixer that it says was used by a North Korean state-sponsored hacking organization to launder stolen funds.
Aug. 9 (UPI) -- The Biden administration has sanctioned virtual currency mixer Tornado Cash on accusations of being used to launder billions of dollars of virtual currency, including funds stolen by North Korean hackers.
The U.S. Treasury announced the sanctions against the popular virtual currency mixer on Monday, stating it has been used to launder more than $7 billion for cybercriminals since its founding in 2019.
Of the cryptocurrency the United States said it laundered includes hundreds of millions stolen by the Lazarus Group, a North Korean state-sponsored hacking organization that was responsible for the largest known currency heist of some $620 million in Etherum reported on March 29.
"Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyberactors on a regular basis and without basic measures to address its risks," Brian Nelson, under secretary of the Treasury for Terrorism and Financial intelligence, said in a statement.
The Treasury said Tornado Cash was used by the North Korean hackers to launder more than $455 million of the money they stole in late March as well as about $96 million of the $100 million they stole from the Horizon Bridge crypto transfer service heist in late June and at least $7.8 million they stole early this month from cryptocurrency bridge provider Nomad.
The sanctions announced Monday prohibit U.S. persons from doing business with Tornado Cash.
The cryptocurrency mixer was blacklisted as the United States takes aim at the virtual currency systems that cybercriminals use to hid their illicit dealings.
In early May, the Treasury sanctioned virtual currency mixer Blender.io, which has also been used by the North Korean hackers to launder their stolen funds.
In April, the FBI, the Cybersecurity and Infrastructure Security Agency and the Treasury issued an alert warning that North Korean cyberattacks on cryptocurrency and blockchain platforms were escalating.
"The United States will not hesitate to use it authorities against malicious cyberactors to expose, disrupt and promote accountability for perpetrators and enablers of criminal activities," Secretary of State Antony Blinken said in a statement.