While most virtual currency activity is legal, it can be abused for criminal activity, including sanctions evasion. The United States continues to target malicious actors and the virtual asset service providers they use, including virtual currency mixer Tornado Cash for its involvement in laundering a portion of the more than $600 million stolen by the Democratic People’s Republic of Korea, or DPRK, hackers earlier this year.
These hackers are associated with APT38 and the Lazarus Group, which were sanctioned by the United States in 2019.
This is the second virtual currency mixer designated by the U.S. Department of the Treasury, as it follows the sanctions imposed on Blender.io in May 2022. This mixer was also involved in laundering a portion of the more than $600 million DPRK hackers stole earlier this year.
Tornado Cash has also been used to launder more than $96 million derived from the June 24, 2022 Harmony Bridge Heist, and at least $7.8 million from the August 2, 2022 Nomad Heist. Tornado Cash has also reportedly been used to launder billions worth of virtual currency since its creation in 2019.
Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson said, “Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks. Treasury will continue to aggressively pursue actions against mixers that launder virtual currency for criminals and those who assist them.”
The U.S. government has worked to expose components of the virtual currency ecosystem, like Tornado Cash and Blender.io that cybercriminals use to hide the proceeds from illicit cyber activity and other crimes. Virtual currency can be used for a variety of illicit activities, including sanctions evasion through mixers, peer-to-peer exchangers, darknet markets, and exchanges, as well as the facilitation of heists, ransomware schemes, fraud, and other cybercrimes.
The U.S. continues to use its authorities against malicious cyber actors in concert with other U.S. departments and agencies to expose, disrupt, and hold accountable perpetrators and persons that enable criminals to profit from cybercrime and other illicit activity.