The US Treasury Department announced Friday that it is sanctioning Blender.io, essentially shutting the Bitcoin mixer off from the US financial system (legally, anyway). The department claims that the service, which allows people to cover up the record commonly held by the blockchain, was used by North Korea to “support its malicious cyber activities and money laundering of stolen virtual currencies”.
According to the Treasury press release, Blender.io was used by the hacking group Lazarus to launder $20.5 million in cryptocurrency that it allegedly stole from the cryptocurrency-based game. Axie Infinity† Full proceeds from the hack, which linked the Treasury to Lazarus and North Korea in April, was estimated at around $625 million at the time, although several million dollars in cash have been recovered. The Treasury says that Lazarus is sponsored by the government of North Korea and that the country uses hackers to “generate revenue for its illegal weapons of mass destruction (WMD) and ballistic missile programs.”
The Treasury’s press release says this is the first time it has ever sanctioned a virtual currency mixer. (It has, however, imposed other crypto-related sanctions; most notably, it issued its first sanction against an exchange last year.) Blender.io wasn’t the only tool the hackers used, though — starting with the money stolen from Axie InfinityRonin’s network was originally in Ethereum and USDC, and Blender works with Bitcoin; at some point there had to be a conversion. There are also reports that the hackers filtered some of the money through Tornado Cash, a service intended to make it more difficult to track transactions.
The US Treasury Department also alleges that Blender has laundered money for ransomware organizations such as Conti, Trickbot, and Sodinokibi (aka REvil). Now that it has been sanctioned, it can no longer access its funds that were stored in the US, nor can it transact with US companies or citizens.
Blender and other mixers work by pooling funds deposited and then randomly distributing them. Since transactions are recorded on the blockchain, it can be very difficult to use stolen money without using these types of services. Stolen coins go into the blender and the hackers theoretically get clean coins back. (And whoever has the stolen coins can point back to the mixer and say, “Well, you can see I didn’t take them out of the wallet myself.”)
As happened with the axie hacking, governments can penalize wallets affiliated with hacking groups, and researchers can track the movements of stolen cryptos. If criminals want to convert their illegally obtained crypto into Lamborghinis, for example, they have to make sure that they are not detected.
Of course, as the Treasury points out, there are perfectly legal uses for these types of services – people could use them to gain some semblance of privacy when making purchases with crypto, for example. But with the crypto crime department keeping a close eye on it, it’s starting to feel like companies need to be very careful about whose money they take and drop.