9 August 2022

US bans Tornado Cash cryptocurrency mixer used by North Korean hackers


US bans Tornado Cash cryptocurrency mixer used by North Korean hackers

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Tornado Cash, a popular virtual currency mixer, for allegedly helping to launder more than $7 billion worth of cryptocurrency since its creation in 2019, including $455 million stolen by a North Korean state-sponsored threat actor known as Lazarus Group.

In March, the US authorities accused Lazarus of the theft of $620 million in cryptocurrency from the Ronin network used for the Axie Infinity blockchain-based game and announced sanctions against the hacker group.

The OFAC said in a press release that Tornado Cash was also used to launder more than $96 million of malicious cyber actors’ funds stolen from the Harmony Bridge platform in June, and at least $7.8 million from the recent Nomad heist.

“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.

In May, the OFAC sanctioned the virtual currency mixer Blender.io, allegedly used by the North Korean hackers to launder stolen funds.

Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024