US Sanctions Virtual Currency Mixer Used By N Korean Cyber Hacking Group

Posted on

The United States has imposed sanctions on virtual currency mixer Sinbad.io (Sinbad) for its role in processing millions of dollars’ worth of virtual currency stolen by North Korean state-sponsored cyber hacking group Lazarus.

Announcing the punitive action, the State Department said cybercriminals also used Sinbad to obfuscate transactions linked to malign activities such as sanctions evasion, drug trafficking, trade in child sexual abuse materials, and illicit sales on darknet marketplaces.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) said Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists.

The Treasury Department’s designation of Sinbad builds on earlier actions to expose elements of the virtual currency ecosystem that malicious cyber actors, in particular the Lazarus Group, use to obfuscate the origins and destinations of proceeds from their illicit activities.

On May 6, 2022, OFAC sanctioned Blender.io, the first ever designation of a virtual currency mixer, and on November 8, 2022, OFAC redesignated Tornado Cash, both of which provided mixing services to the Lazarus Group. On April 24, 2023, OFAC sanctioned two over-the-counter virtual currency traders who facilitated the conversion of stolen virtual currency to fiat currency for DPRK actors working with the Lazarus Group.

The U.S. had already designated Lazarus Group in 2019.

According to the U.S. Treasury, Sinbad is responsible for materially assisting in the laundering of millions of dollars in stolen virtual currency and is a preferred mixing service for the Lazarus Group. Sinbad operates on the Bitcoin blockchain and indiscriminately facilitates illicit transactions by obfuscating their origin, destination, and counterparties. Sinbad is believed by some industry experts to be a successor to the Blender.io mixer.

Sinbad was used to launder a significant portion of the $100 million worth of virtual currency stolen on June 3, 2023, from customers of Atomic Wallet. Sinbad was also used to launder a significant portion of virtual currency from the Axie Infinity heist of approximately $620 million in March 2022, and the Horizon Bridge heist of approximately $100 million in June 2022.

The UN Security Council’s Panel of Experts on DPRK sanctions has highlighted Pyongyang’s aggressive cyber-theft campaign, which plays an essential role in generating funds for the dictatorial Communist regime’s unlawful weapons of mass destruction and ballistic missile programs.

Source: Read Full Article