The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced new sanctions on a cryptocurrency mixer Blender.io, which happens to be used by North Korea (DPRK) and other illicit activity.
In a press release on May 6, OFAC said that the mixer is allegedly being used by hackers in North Korea to “support its malicious cyber activities and money-laundering of stolen virtual currency.”
OFAC claims that Blender has been used to launder funds for Russian-linked ransomware groups such as Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab. It also alleges that Blender was used to obfuscate $20.5 million of illegal proceeds connected to the infamous Ronin hack in March. The crypto theft – one of the largest ever at $620 million – drained the treasury of the popular play-to-earn game Axie Infinity, and hackers then dispersed the funds to various exchanges and mixers afterward.
Crypto mixers are privacy-enhancing services that allow users to erase the digital money trail left by most transactions on blockchain networks like Bitcoin and Ethereum. Data for all ordinary transfers on such networks is publicly accessible, which is helpful to authorities when cracking down on illicit finance. However, mixers can make that job more difficult.
“While most virtual currency activity is licit, it can be used for illicit activity, including sanctions evasion, through mixers, peer-to-peer exchangers, darknet markets, and exchanges,” the US Treasury Department clarified. “This includes the facilitation of heists, ransomware schemes, and other cybercrimes.”
The announcement details that as a result of the sanctions, all property, and interests in property of Blender.io, in the US or in the possession or control of US persons, are blocked and must be reported to the OFAC. Moreover, any entities that are 50% owned or more by one or more blocked persons are also blocked, and all transactions by US persons or within the U.S. involving designated or blocked persons are prohibited.
“Virtual currency mixers that assist illicit transactions pose a threat to US national security interests,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson in a press release. “We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
OFAC will also update its List of Specially Designated Nationals and Blocked Persons (SDN List) to include crypto addresses linked to the Lazarus Group, an anonymous cybercrime group linked to the North Korean state that has been sanctioned by the Treasury since 2019.