US’ OFAC sanctions Blender.io and Identifies North Korean Lazarus Group for Axie Infinity hack
The United States Treasury Department Office of Foreign Assets Control has announced that it will be launching sanctions against the cryptocurrency mixing platform Blender.io for its role in the laundering of the money stolen during the hack against Axie Infinity‘s Ronin Bridge.
OFAC also found that Blender had not only facilitated the laundering of this money, but that it also laundered money for Russian ransomware groups like Trickbot, Conti, Ryuk, Sodinokibi and Gandcrab. Overall, Blender was responsible for laundering $20.5 million, or less than 10% of the total stolen.
In a statement, Brian E. Nelson, the Under-Secretary of the Treasury for Terrorism and Financial Intelligence, stated that this was the very first time that the US government meted out sanctions against a currency mixer:
“Today, for the first time ever, Treasury is sanctioning a virtual currency mixer,” Nelson continued. “Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests. We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
Along with Blender.io, OFAC also stated that the North Korean-sponsored hacker organisation – the Lazarus Group. While it’s a difficult thing to take direct action, the “Treasury is also updating the List of Specially Designated Nationals and Blocked Persons (SDN List) to identify additional virtual currency addresses used by the Lazarus Group to launder illicit proceeds…” So far, this involves 4 Ethereum addresses.
As a recap for those unfamiliar with the hack: Sky Mavis suffered a hack due to a vulnerability within its Ronin resulting in the loss of over $620 million. Since then, Binance had managed to recover $5.8 million of it, with Sky Mavis managing to raise $150 million for those who lost money due to the attack.