9 August 2022

US bans Tornado Cash cryptocurrency mixer used by North Korean hackers


US bans Tornado Cash cryptocurrency mixer used by North Korean hackers

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Tornado Cash, a popular virtual currency mixer, for allegedly helping to launder more than $7 billion worth of cryptocurrency since its creation in 2019, including $455 million stolen by a North Korean state-sponsored threat actor known as Lazarus Group.

In March, the US authorities accused Lazarus of the theft of $620 million in cryptocurrency from the Ronin network used for the Axie Infinity blockchain-based game and announced sanctions against the hacker group.

The OFAC said in a press release that Tornado Cash was also used to launder more than $96 million of malicious cyber actors’ funds stolen from the Harmony Bridge platform in June, and at least $7.8 million from the recent Nomad heist.

“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.

In May, the OFAC sanctioned the virtual currency mixer Blender.io, allegedly used by the North Korean hackers to launder stolen funds.

Back to the list

Latest Posts

What is Vulnerability Management? A Beginner's Guide

What is Vulnerability Management? A Beginner's Guide

In this article will try to cover basics of vulnerability management process and why it is important to every company.
11 September 2024
Cyber Security Week in Review: September 6, 2024

Cyber Security Week in Review: September 6, 2024

In brief: the US charges Russian GRU hackers for attacks on Ukraine, Apache, Cisco, Zyxel patch high-risk flaws, Google fixes Android zero-day, and more.
6 September 2024
Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Some of the documents appeared to be part of legitimate Red Team exercises, while other were intended for malicious purposes.
5 September 2024