Cybersecurity News that Matters

Cybersecurity News that Matters

US blacklisted crypto mixer over alleged ties to North Korean hacking group

by Kuksung Nam, Areum Hwang, Arthur Gregory Willers

Nov. 30, 2023
10:33 AM GMT+9

The United States Treasury Department imposed sanctions on Wednesday on a virtual currency mixer, accusing it of assisting a North Korean hacking group to launder its illicit proceeds.

On November 29, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) stated that the sanctioned mixer, named Sinbad.io, was a “key money laundering tool” for the Lazarus Group. The Lazarus Group, which has also been under U.S. sanctions since 2019, is widely known for carrying out cyberattacks on behalf of the North Korean government, which authorities believe continue to generate funds for its nuclear and missile programs from illicit cyber activities.

The Treasury Department explained that Sinbad was responsible for laundering a substantial portion of virtual currencies that the Lazarus group had stolen in three different cryptocurrency heists undertaken in March and June of 2022 and June of this year. The North Korean hackers stole approximately $820 million in virtual currencies in these three heists, according to the Treasury Department. The OFAC did not name an exact amount but stated that the problematic mixer has processed millions of dollars in digital assets on behalf of cybercriminals.

Cryptocurrency mixer services mask the transaction of virtual currencies by collecting assets from different users and redistributing them from a centralized location. While this process offers legitimate users enhanced privacy, it also enables cybercriminals to remain anonymous, which facilitates them in masking their misconduct. The Treasury Department added that numerous other cybercriminals use Sinbad in addition to Lazarus, to obscure the flow of virtual assets, evade sanctions, purchase child sexual abuse materials, and sell illicit products on the darknet marketplace.

“Mixing services that enable criminal actors, such as the Lazarus Group, to launder stolen assets will face serious consequences,” said Wally Adeyemo, the Deputy Secretary of the Treasury in a statement. “While we encourage responsible innovation in the digital asset ecosystem, we will not hesitate to take action against illicit actors.”

The U.S. has been blacklisting virtual currency mixers that allegedly have ties with the Lazarus Group. In May of last year, the Treasury Department imposed sanctions on Blender.io, which was the first virtual currency mixer to be sanctioned by the U.S. government, for helping North Korean hackers to launder more than $20.5 million in cryptocurrency. Furthermore, in November of last year, the U.S. added Tornado Cash to its list of sanctioned sites for providing mixing services to the North Korean state-sponsored hacking group.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
  • Areum Hwang
  • Arthur Gregory Willers

    Arthur Gregory Willers is a copyeditor at The Readable, where he works to make complex cybersecurity news accessible and engaging for readers. With over 20 years in education and publishing, his exper...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights