OFAC, a branch of the US Treasury Department, has just added the cryptocurrency blender Blender.io to its list of sanctions. The latter will now be unable to interact with funds originating from US soil, being accused in particular of having allowed the hacker group Lazarus to achieve its ends during the Ronin sidechain hack.
U.S. cracks down on cryptocurrency mixer
On Friday, the U.S. Treasury Department announced that it was sanctioning Blender.io, a cryptocurrency blender that erases traces of transactions made through blockchains.
According to the Office of Foreign Assets Control (OFAC), the US Treasury’s agency responsible for enforcing US international financial sanctions, Blender.io is accused of aiding North Korea by “supporting its malicious cyber activities and money laundering in stolen virtual currency”.
Specifically, the cryptocurrency blender is accused of enabling the North Korean hacker group Lazarus to escape with some of the $620 million stolen in the Ronin sidechain hack last March.
This follows the investigation already launched by the US Treasury two weeks ago, during which it added three addresses to its Specially Designated Nationals and Blocked Persons List (SDN list), a list also under the control of OFAC.
In the statement issued by the US Treasury on this matter, we see that the Treasury is saying yes, so it is no longer a matter of mere suspicion:
” […] The U.S. Treasury Department’s OFAC has sanctioned the cryptocurrency blender Blender.io, which is used by the Democratic People’s Republic of Korea (DPRK) to support its malicious activities […]. On March 23, Lazarus Group, a DPRK state-sponsored cyber hacking group, carried out the largest cryptocurrency theft to date, worth $620 million. “
Concretely, as a result of the OFAC sanctions, Blender.io will no longer be able to interact with funds from the US, or even transact with US companies or US citizens.
The problem with cryptocurrency blenders
To date, this is the first time a cryptocurrency mixer has received sanctions for allegations of this nature. However, this is not surprising, as it is a tool that is very often used by hackers in their operations.
Similar to Blender.io, Tornado Cash is currently the most widely used cryptocurrency mixer, and its name comes up a lot in the various hacks taking place in the blockchain ecosystem.
Since funds passing through the blockchain are easily traceable, the mixers allow funds deposited on their platform to be mixed together. In theory, the funds are then redistributed across different wallets, with no way of knowing where they originally came from.
Diagram of how Blender.io works
According to the OFAC investigation launched last month, Blender.io also allegedly facilitated money laundering for Russian malicious hacker groups, including Conti (Ryuk), Trickbot, Sodinoboki (REvil) and Grandcrab.
According to an exit statement by US Secretary of State Antony Blinken, dialogue is preferred over repeated sanctions:
The United States remains committed to pursuing diplomacy with the DPRK and calls on the DPRK to engage in dialogue. At the same time, we will continue to address the DPRK’s illegal cyber activities, as well as violations of UN Security Council resolutions. ”
These are the second sanctions imposed by the US internationally in the cryptocurrency sector in recent times. Indeed, by the end of April, the Treasury Department had added mining giant BitFinex and a dozen of its subsidiaries to its list of “Specially Designated Nationals. “
