US sanctions Sindbad crypto mixer allegedly used by North Korea’s Lazarus hackers

US sanctions Sindbad crypto mixer allegedly used by North Korea’s Lazarus hackers

The US authorities have seized the virtual currency mixer Sinbad.io allegedly used by the North Korean government-backed hacker group Lazarus for laundering assets stolen in multiple crypto heists.

At the same time, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions against Sindbad, describing the cryptocurrency mixer as “a key money-laundering tool” of Lazarus Group.

“Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists. Sinbad is also used by cybercriminals to obfuscate transactions linked to malign activities such as sanctions evasion, drug trafficking, the purchase of child sexual abuse materials, and additional illicit sales on darknet marketplaces,” the OFAC said in a statement.

Sindbad is believed to be a successor of Blender.io, a cryptocurrency mixer sanctioned by the US authorities in May 2022 for enabling North Korea to conduct "malicious cyber activities and money laundering.” In August 2022, the OFAC imposed sanctions on the crypto mixer Tornado Cash for allegedly helping to launder more than $7 billion worth of cryptocurrency since its creation in 2019, including $455 million stolen by a North Korean state-sponsored threat actor known as Lazarus Group.

Sinbad was used to launder a significant portion of the $100 million worth of crypto Lazarus stole in June 2023 from customers of Atomic Wallet, OFAC said. Lazarus also used the mixer “to launder a significant portion” of crypto stolen in the $620 million Axie Infinity theft and the $100 million Horizon Bridge heist.

Back to the list

Latest Posts

US agencies warn of rising cyber threats from Iran-linked hackers

US agencies warn of rising cyber threats from Iran-linked hackers

Recent months have seen a notable uptick in activity from Iranian-linked hacktivists and government-affiliated threat groups.
1 July 2025
Google rolls out urgent Chrome security patch for active zero-day

Google rolls out urgent Chrome security patch for active zero-day

The flaw, tracked as CVE-2025-6554, is described as a type confusion bug in Chrome's V8 JavaScript and WebAssembly engine.
1 July 2025
Canada bans Chinese surveillance firm Hikvision over national security concerns

Canada bans Chinese surveillance firm Hikvision over national security concerns

From now on, all federal departments, agencies, and Crown corporations are prohibited from purchasing Hikvision products.
1 July 2025