The United States Treasury Department Office of Foreign Assets Control (OFAC) announced Friday that it was sanctioning cryptocurrency mixer Blender.io for its role in laundering proceeds from the hacking of Axie Infinity’s Ronin Bridge. North Korean state-sponsored hackers Lazarus Group have been identified as the perpetrators of the attack.
Treasury Under Secretary for Terrorism and Financial Intelligence Brian E. Nelson said in a statement:
“Today, for the first time ever, Treasury is sanctioning a virtual currency mixer. […] We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
Under the sanctions, all Blender.io property in the United States or in the possession of U.S. persons is blocked and must be reported to OFAC.
According to OFAC, Blender.io processed $20.5 million out of approximately $620 million stolen from the Vietnam-based play-to-earn game in the form of roughly 173,600 Ether (ETH) and 25.5 million USD Coin (USDC). OFAC also found during its investigation that Blender.io had facilitated money laundering for Russia-linked ransomware groups including Trickbot, Conti, Ryuk, Sodinokibi and Gandcrab. The Blender.io website was offline at the time of writing.
The Treasury agency also added the addresses of four wallets used by Lazarus Group to launder some of the stolen funds to its List of Specially Designated Nationals and Blocked Persons.
Related: US Treasury Dept sanctions 3 Ethereum addresses allegedly linked to North Korea
There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP
— Ronin (@Ronin_Network) March 29, 2022
The Ronin Bridge hack took place on March 23, but it was only discovered the following week. The bridge was accessed through game developer Sky Mavis. That organization had been indefinitely whitelisted after helping process a surge in transactions. Sky Mavis raised $150 million to reimburse users who lost money in the exploit, and Binance was able to recover $5.8 million of the money from 86 accounts. Lazarus Group was identified as the hackers by OFAC in mid-April.
The US Treasury recently issued sanctions on the crypto mixer ChipMixer for its role in the recent Axie Infinity hack. By using ChipMixer’s services, the hackers were able to anonymously funnel away millions of dollars worth of cryptocurrency.
ChipMixer is a cryptocurrency tumbler service, which mixes different inputs to produce a completely different output as a way of making transactions difficult to trace. Although these services are sometimes used to help protect users’ identities, they are also popular tools utilized by hackers when trying to hide the origin of their improper funds.
In the recent Axie Infinity hack, the hackers managed to move away almost $7.8 million worth of cryptocurrency stolen from users’ accounts. In this case, experts have concluded that the hackers exploited a vulnerability in the smart contract code. Fortunately, due to a bug bounty program, Axie Infinity developers were able to patch the vulnerability within an hour of the attack.
As part of the US Treasury’s sanctioned action, the department released a statement saying, “ChipMixer’s services are being used to conceal the source of ill-gotten gains and launder the proceeds of cybercrime.” The US Treasury’s Office of Foreign Assets Control (OFAC) had previously issued an advisory warning against the use of digital currency mixers and tumblers that allow users to cover their tracks and remain anonymous while trading cryptocurrency.
Going forward, multiple other regulators have pledged to further investigate the matter and promised to take additional necessary measures to protect the interest of their users and prevent any further illegal activities from taking place.
Although many cryptocurrency exchanges have taken steps to protect themselves, this recent incident highlights the importance of additional security measures and stringent monitoring for suspicious transactions. It is also important for users to take active steps to protect their own assets and remain aware of any potential risks that may arise.
