The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Tornado Cash, a popular virtual currency mixer, for allegedly helping to launder more than $7 billion worth of cryptocurrency since its creation in 2019, including $455 million stolen by a North Korean state-sponsored threat actor known as Lazarus Group.

In March, the US authorities accused Lazarus of the theft of $620 million in cryptocurrency from the Ronin network used for the Axie Infinity blockchain-based game and announced sanctions against the hacker group.

The OFAC said in a press release that Tornado Cash was also used to launder more than $96 million of malicious cyber actors’ funds stolen from the Harmony Bridge platform in June, and at least $7.8 million from the recent Nomad heist.

“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.

In May, the OFAC sanctioned the virtual currency mixer Blender.io, allegedly used by the North Korean hackers to launder stolen funds.