Home Feature news US punishes Blender.io for helping North Korea launder millions in stolen Axie...

US punishes Blender.io for helping North Korea launder millions in stolen Axie crypto

The US Treasury Department announced on Friday that it’s sanctioning Blender.io, essentially cutting the Bitcoin mixer off from the US financial system (legally speaking, anyway). The department alleges that the service, which lets people obfuscate the record usually kept by the blockchain, was used by North Korea to “support its malicious cyber activities and money-laundering of stolen virtual currency.”

According to the Treasury’s press release, Blender.io was used by the Lazarus hacking group to launder $20.5 million worth of the cryptocurrency it allegedly stole from the crypto-based game Axie Infinity. The entire proceeds of the hack, which the Treasury linked to Lazarus and North Korea in April, were estimated to be worth around $625 million at the time, though a few million dollars worth of funds have been recovered. The Treasury says that Lazarus is sponsored by North Korea’s government and that the country uses hackers to “generate revenue for its unlawful weapons of mass destruction (WMD) and ballistic missile programs.”

The Treasury’s press release says this is the first time it’s ever levied sanctions against a virtual currency mixer. (It has done other crypto-related sanctions, though; notably, last year, it issued its first sanction against an exchange.) Blender.io wasn’t the only tool the hackers used, though — to start, the funds stolen from Axie Infinity’s Ronin network were originally in Ethereum and USDC, and Blender works with Bitcoin; at some point, there had to be a conversion. There are also reports that the hackers filtered some of the funds through Tornado Cash, a service meant to make it harder to track transactions.

The US Treasury also alleges that Blender laundered money for ransomware organizations like Conti, Trickbot, and Sodinokibi (aka REvil). Now that it’s sanctioned, it won’t be able to access any of its funds that were stored within the US, nor can it do transactions with American companies or citizens.

Blender and other mixers work by pooling together deposited funds, then randomly distributing them. Because transactions are recorded on the blockchain, it can be very difficult to use stolen funds without using these types of services. Stolen coins go into the blender, and the hackers will, in theory, get clean coins back. (And whoever ends up with the stolen coins can point back to the mixer, saying “Well, you can see I didn’t take them out of the wallet myself.”)

As happened with the Axie hack, governments can sanction wallets that are affiliated with hacking groups, and researchers can track stolen crypto’s movement. If criminals want to convert their ill-gotten crypto into, say, Lamborghinis, they have to make sure that’s not being traced.

Of course, as the Treasury points out, there are perfectly legal uses for this kind of service — people could use them to gain some semblance of privacy when making purchases with crypto, for instance. But with the department keeping such a close eye on crypto crimes, it’s starting to feel like firms will have to be very careful about whose money they take and tumble.

Most Popular

Hot Topics To Cover In Your eLearning Guest Post [July 2022 Edition]

Which Topics Will Pique Readers' Interest? Writing guest posts is one of the best ways to build your personal brand and establish your niche expertise....

How Custom eLearning Can Help Drive Skills Development

Custom eLearning Resonates With Employees Over 80% of employers have used online learning since 2011 to help their workers improve their capabilities . But this type of...

What Is Instructor-Led Training? Essential Traits Of A Successful ILT Program

What Is Instructor-Led Training And How Can You Enhance L&D Through Learning Technologies? Contrary to critics’ claims, instructor-led training is not the remnant of a...