An investigation by the U.S. Department of the Treasury’s Office of Foreign Assets Control reveals Blender.io was involved with the North Korea crypto laundering case. The department announced it will add the crypto mixing company to its list of organizations sanctioned by the country.
The previous exploit against the blockchain gaming platform Axie Infinity by the Lazarus group was suspected to be sponsored by the North Korean government. The Lazarus group stole around $620M from the Ronin Bridge on 23rd March. According to the data collection, US officials explained that around $20.5M was laundered to North Korea through a platform.
Recent investigations revealed that the attackers used the crypto mixing platform, Blender.io to launder money to North Korea.
Cryptocurrency has become a popular means to launder money in digital currencies due to the anonymity it provides through various companies. Furthermore, since the blockchain industry is yet to have a strong regulatory system, attackers can easily manipulate and hide transactions from the authorities.
Blender.io: a frequent money laundering platform
Blender.io is a crypto mixing platform founded in 2017 that enables users to hide their identities and money when doing transactions. It operates on the bitcoin blockchain and has been widely used to transfer huge amounts of crypto money by hiding it from the eyes of attackers.
Blender.io mixes various transactions together before sending them to the desired destination. The platform has managed to transfer around $500 million in Bitcoin since its launch.
Despite its claim to give individuals privacy, it has been used for illegal activities by crypto hackers. Most of the transactions on Blender.io are money laundering cases linked to Russian groups. Experts claim Blender.io has facilitated Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab to commit cybercrimes.
Since the big heist on Axie Infinity funds, the US Treasury Department has been closely monitoring these types of platforms to trace any suspicious activity by the Lazarus Group.
Finally, on April 6, the department released a press release explaining Blender.io’s involvement with the Lazarus Group.
Brian E. Nelson, the Under Secretary of the Treasury for Terrorism and Financial Intelligence says, “Today, for the first time ever, Treasury is sanctioning a virtual currency mixer.”
By blacklisting Blender.io, the Treasury hopes it will prevent the platform from helping cybercriminals to do illegal and unauthorized crypto transactions.
Blender.io is the first crypto mixing platform to be sanctioned by the US government. As of now, the platform is no longer available for the public.
Other platforms involved
Blender.io wasn’t the only platform used by Lazarus to transfer money. Since the mixing platform operates on the bitcoin blockchain and the Ronin network on Ethereum and USDC, the group is suspected to have used some other platform to convert.
The initial statement already revealed that hackers used Tornado Cash to filter funds, making it hard to trace the transactions.
North Korea continues to evade US sanctions
With the constant political tussle between the US and North Korea, the US Officials claim the country’s involvement in evading the sanctions through cryptocurrency. Just recently, an Ethereum dev, Virgil Griffith got a 5-year sentence in prison for conspiring with North Korea. He was charged with leaking important details to the country officials that could sabotage the US crypto community.
In the press release, The US Treasury Department stated that the country has been trying “to generate revenue for its unlawful weapons of mass destruction (WMD) and ballistic missile programs” through cryptocurrency.
Nelson also expressed concern about North Korean involvement by saying “We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
Crypto crimes continue to become more and more complex for cyber police. The US Treasury is investigating the laundered money to North Korea. However, much is yet to be traced as $620M was stolen by the attackers. So far, only $20.5M has been identified.
The affected blockchain game, Axie Infinity team, Sky Mavis, has already refunded the victims. The team managed to take out $450M and raised an additional $150M through Binance. With a total of $600M funds, it repaid the victims.
The involvement of Blender.io shows that these mixing platforms are giving a gateway to more black money crimes than privacy. Authorities should make an effort to regulate these platforms to ensure no hackers escape from their crimes.