US sanctions cryptocurrency mixing service to support North Korean hackers


For the first time, the US is sanctioning a cryptocurrency “mixing” service for helping North Korea launder some of the funds stolen in the $620 million Ronin Network hack.

The sanctions target, a website that requires “anonymizing Bitcoin transactions” by mixing them with other users’ funds. The US Treasury Department claims the North Korean hackers behind the Ronin network heist recently attempted to launder $20.5 million of the stolen funds via

In addition, the US Treasury Department is signaling that it will pursue other cryptocurrency mixing services that help hackers. The sanctions against essentially ban US individuals and groups from doing business with the cryptocurrency service. Therefore, using is against US law unless the Treasury Department issues a license to do so.

“Virtual currency mixers that support illicit transactions pose a threat to U.S. national security interests,” Treasury Department Undersecretary for Terrorism and Financial Intelligence Brian Nelson said in the announcement.

The sanctions represent the latest US effort to stop the state-sponsored North Korean hacking group Lazarus, best known for the 2014 Sony Pictures hack and the WannaCry ransomware outbreak. Last month, the FBI also linked the Ronin Network heist to Lazarus.

In recent years, the hacking group has focused on stealing banks and cryptocurrency-related services. But to pay off the stolen funds, Lazarus had to rely on money laundering services, which can help disguise the origins of the ill-gotten gains. This resulted in North Korean hackers laundering over 65% of their stolen funds through multiple mixing services, according to cryptocurrency tracking company Chainalysis.

The U.S. Treasury Department claims is “commonly used by illegal actors” and has helped blend and transfer more than $500 million worth of Bitcoin since the site’s inception in 2017. linked ransomware groups behind Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab.

Recommended by our editors

chain analysis added that the sanction shows that the US is “focused not only on fighting the hackers themselves, but also the illicit services they rely on to launder stolen funds.” However, the company warns that more needs to be done, otherwise North Korean hackers will continue to loot cryptocurrency projects.

“In the longer term, Web 3.0 and DeFi practitioners must unite to combat the advanced persistent threats targeting them. This problem can only be solved through the cooperation of the entire ecosystem with the help of law enforcement,” added Chainalysis. did not immediately respond to a request for comment.

SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.","first_published_at":"2021-09-30T21:22:09.000000Z","published_at":"2022-03-24T14:57:33.000000Z","last_published_at":"2022-03-24T14:57:28.000000Z","created_at":null,"updated_at":"2022-03-24T14:57:33.000000Z"})" x-show="showEmailSignUp()" class="rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 mt-8 container-xs">
Do you like what you read?

Sign up for security guard Newsletters for our top privacy and security stories, delivered straight to your inbox.

This newsletter may contain advertisements, offers or affiliate links. By subscribing to a newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe from the newsletter at any time.


About Author

Comments are closed.