Treasury sanctions virtual currency mixer Blender for money laundering
Written by Suzanne Smalley
The Treasury Department said on Friday it had sanctioned Blender.io, a so-called virtual currency mixer that the Treasury alleges the North Korean government uses to pay for its hacking scheme and to launder stolen virtual currency.
The Office of Foreign Assets Control (OFAC) in The Treasury pronounced the sanctionsalleging that on March 23, North Korean state-sponsored hackers known as the Lazarus Group stole a record $620 million from a blockchain project related to the Pokemon-inspired blockchain game Axie Infinity.
Blender was used to process more than $20.5 million of the $620 million, which according to a Treasury Department press release, is being used to fund the weapons of mass destruction and ballistic missile programs of North Korea.
Undersecretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson said the sanctions were the first for a virtual currency mixer. Blender runs on the Bitcoin blockchain. The Treasury Department press release said it “indiscriminately facilitates illicit transactions by obscuring their origin, destination” and more.
Blender, one of the most popular mixers in the cybercrime world, interweaves numerous transactions before passing them on to their final destinations, ostensibly for privacy reasons, the press release said. The anonymity that virtual currency mixers offer makes them popular with hackers and criminals, according to Treasury, which said Blender has helped transfer more than $500 million in Bitcoin since its launch in 2017.
“Virtual currency mixers that facilitate illicit transactions pose a threat to the national security interests of the United States,” Nelson said in a statement. “We are taking action against the DPRK’s illicit financial activities and will not let state-sponsored thefts and their money laundering enablers go unaddressed.”
OFAC sanctioned the Lazarus group in 2019, alleging it was under the control of North Korean intelligence, which is also involved in the conventional arms trade. The Treasury press release indicates that in addition to the Lazarus Group, Blender has been used to launder money for malicious Russian-linked ransomware groups, including Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab.
In recent months, the Treasury has also imposed other unprecedented crypto sanctions: a cryptocurrency exchange allegedly involved in facilitating ransomware funds and a mining company.
CyberScoop was unable to immediately reach Blender for comment.