Business

Crypto Mixer Sanctioned by US Treasury Department for Role in Axie Infinity Hack

blank

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it is sanctioning cryptocurrency mixer Blender.io for its role in laundering proceeds from the hacking of Axie Infinity’s Ronin bridge. The state-sponsored North Korean hacker group Lazarus Group has been identified as the perpetrator of the attack.

Treasury Department Undersecretary for Terrorism and Financial Intelligence Brian E. Nelson said in a statement:

“Today, for the first time ever, the Treasury sanctioned a virtual currency mixer. […] We take action against DPRK’s illegal financial activities and will not allow state-sponsored theft and its money laundering opportunities to go unanswered.”

As part of the sanctions, all Blender.io property in the United States or owned by US persons will be suspended and must be reported to OFAC.

According to OFAC, Blender.io processed $20.5 million out of about $620 million stolen from the Vietnam-based play-to-earn game in the form of about 173,600 ether (ETH) and 25.5 million USD coin (USDC). OFAC also found during its investigation that Blender.io had facilitated money laundering for Russia-linked ransomware groups such as Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab. The Blender.io website was offline at the time of writing.

The IRS also added the addresses of four wallets used by the Lazarus Group to launder some of the stolen funds to its list of specially designated nationals and blocked individuals.

Related: US Treasury Sanctions 3 Ethereum Addresses Allegedly Linked to North Korea

The Ronin Bridge hack took place on March 23 but wasn’t discovered until the following week. The bridge was accessed through game developer Sky Mavis. This organization had been whitelisted indefinitely after helping to process a surge in transactions. Sky Mavis raised $150 million to compensate users who lost money in the exploit, and Binance was able to recover $5.8 million of the money from 86 accounts. Lazarus Group was identified as a hacker by OFAC in mid-April.