The U.S. Treasury Department announced on Friday that it is sanctioning Blender.io, essentially cutting the bitcoin blender off from the U.S. financial system (legally, anyway). The department claims that the service, which allows people to obfuscate the records normally kept by the blockchain, was used by North Korea to “support its malicious cyber activities and launder stolen virtual currencies.”
According to the Treasury Department’s press release, Blender.io was used by the Lazarus hacking group to launder $20.5 million worth of cryptocurrency it allegedly stole from the crypto-based game Axe Infinity. Total proceeds from the hack, which the Treasury Department linked to Lazarus and North Korea in April, were estimated at the time to be around $625 million, though millions of dollars’ worth of funds were recovered. The Treasury Department says Lazarus is sponsored by the North Korean government and that the country uses hackers to “generate revenue for its illicit weapons of mass destruction (WMD) and ballistic missile programs.”
The Treasury Department press release said that this is the first time sanctions have been imposed on a virtual currency mixer. (It has, however, imposed other crypto-related sanctions; notably, it imposed its first sanction on an exchange last year.) However, Blender.io wasn’t the only tool the hackers used — the funds were stolen to begin with Axe Infinity‘s Ronin network was originally in Ethereum and USDC and Blender works with Bitcoin; At some point a change was needed. There are also reports that the hackers filtered some of the funds through Tornado Cash, a service designed to make transactions more difficult to track.
The US Treasury Department also alleges that Blender laundered money for ransomware organizations such as Conti, Trickbot, and Sodinokibi (aka REvil). Now that it has been sanctioned, it cannot access its funds stored in the US, nor transact with American companies or citizens.
Blenders and other blenders work by pooling deposited funds and then randomly distributing them. Because transactions are recorded on the blockchain, it can be very difficult to use stolen funds without using these types of services. Stolen coins go into the mixer and the hackers theoretically get clean coins back. (And whoever ends up with the stolen coins can point back at the blender and say, “Well, you can see I didn’t take them out of the wallet myself.”)
As happened with the axis hack, governments can sanction wallets associated with hacking groups, and researchers can track the movement of stolen cryptos. For example, if criminals want to convert their illicit cryptos into Lamborghinis, they need to ensure that this is not traced.
Of course, as the Treasury points out, there are perfectly legal uses for this type of service — people could use it to gain some semblance of privacy when shopping with crypto, for example. But with the department keeping a close eye on crypto crime, it seems companies need to be very careful about whose money they take and take down.
https://www.theverge.com/2022/5/6/23060544/us-treasury-blender-io-sanctions-bitcoin-mixer US fines Blender.io for helping North Korea launder millions of stolen Axie cryptos