US Treasury sanctions cryptocurrency mixer for first time, citing Ronin Network hack | #government | #hacking | #cyberattack


The U.S. Treasury Department on Friday sanctioned a cryptocurrency mixing service for the first time, citing evidence that it was used to launder funds stolen by North Korean state-backed hackers.

The department’s Office of Foreign Assets Control (OFAC) said the Blender.io service was used to process more than $20.5 million in illicit proceeds from a March attack on the Ronin Network, which connects the Axie Infinity online game to the Ethereum blockchain. That incident, which cost the company more than $620 million at the time, was linked to North Korean hackers known as the Lazarus Group.

“Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests,” said Brian E. Nelson, undersecretary of the Treasury for terrorism and financial intelligence. “We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”

Blender.io has services that operate in English and Russian, and cybercrime researchers have cited it as one of the most popular mixers. The operators had not posted anything on the website or their Telegram channels about the sanctions as of Friday morning. The service did not immediately reply to an email from The Record. In the past, Blender.io has provided information through the bitcointalk.org forum. Its most recent post was about a temporary shutdown on April 5.

The Blender.io website was unavailable as of 10 a.m. Eastern time.

The Treasury attributed the Ronin Network hack to the Lazarus Group in mid-April. On Friday, OFAC added more Lazarus Group-linked cryptocurrency wallets to its list of sanctioned entities. OFAC initially sanctioned the group in September 2019.

Friday’s announcement takes a dim view of cryptocurrency mixers, which are often touted as a way for coin owners to protect their privacy.

“Blender.io (Blender) is a virtual currency mixer that operates on the Bitcoin blockchain and indiscriminately facilitates illicit transactions by obfuscating their origin, destination, and counterparties,” OFAC said. “Blender receives a variety of transactions and mixes them together before transmitting them to their ultimate destinations.” 

The investigation also found links to transactions by Russia-linked ransomware groups “including Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab,” OFAC said.

Authorities and cryptocurrency exchanges continue to track the proceeds from the Ronin Network heist. In late April the Binance exchange said it was freezing $5.8 million in funds linked to the attack. When OFAC first attributed the attack to Lazarus, cryptocurrency-tracking company Elliptic noted that millions of dollars’ worth of digital assets from the incident already had moved through various services.

Lazarus Group’s interest in cryptocurrency has increased in recent years as the North Korean government continues to look for ways to bring in money while evading global sanctions for its nuclear program and other offenses.

Joe Warminsky is the news editor for The Record. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. Most recently he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.





Original Source link

Leave a Reply

Your email address will not be published.

eighty three − seventy five =