Security News > 2022 > August > US sanctions crypto mixer Tornado Cash used by North Korean hackers
The U.S. Treasury Department's Office of Foreign Assets Control sanctioned Tornado Cash today, a decentralized cryptocurrency mixer service used to launder more than $7 billion since its creation in 2019.
The North Korean-backed APT Lazarus Group also used the crypto mixer to launder approximately $455 million stolen in the largest known cryptocurrency heist ever.
This crypto mixer was also used to make it harder to trace stolen funds after hacking blockchain music platform Audius, the Beanstalk DeFi platform, and the decentralized cryptocurrency exchange Uniswap, as well as in the Arbix Finance exit scam.
"Today, Treasury is sanctioning Tornado Cash, a virtual currency mixer that launders the proceeds of cybercrimes, including those committed against victims in the United States," said Brian E. Nelson, the Under Secretary of the Treasury for Terrorism and Financial Intelligence.
U.S. Treasury has also sanctioned cryptocurrency mixer Blender.io in May, a service the Lazarus hacking group also used to launder cryptocurrency stolen after hacking the Ronin bridge.
"As today's action demonstrates, mixers should in general be considered as high-risk by virtual currency firms, which should only process transactions if they have appropriate controls in place to prevent mixers from being used to launder illicit proceeds."
News URL
Related news
- North Korean Hackers Targeting Developers with Malicious npm Packages (source)
- Russian hackers shift to cloud attacks, US and allies warn (source)
- Japan warns of malicious PyPi packages created by North Korean hackers (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Crypto scams more costly to the US than ransomware, feds say (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- US sanctions crypto exchanges used by Russian darknet market, banks (source)
- A “cascade” of errors let Chinese hackers into US government inboxes (source)
- US Health Dept warns hospitals of hackers targeting IT help desks (source)