Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime

US Sanctions, Seizes Sinbad Cryptomixer

Sinbad Was the 'Preferred Mixing Service' of North Korean Hackers
US Sanctions, Seizes Sinbad Cryptomixer
The FBI seized the Sinbad cryptocurrency site, which was used to hide stolen digital assets. (Image: Shutterstock)

The U.S. federal government Wednesday added cryptocurrency mixer Sinbad.io to a growing blacklist of virtual asset platforms under sanctions that prevent Americans from doing business with them. The FBI seized the Sinbad website in an international operation in cooperation with Dutch and Polish authorities.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

The Department of the Treasury called Sinbad the "preferred mixing service" for North Korean state hackers known as Lazarus Group. Millions of dollars' worth of stolen cryptocurrency passed through Sinbad, the federal government said, including a significant portion of the $100 million Lazarus stole earlier this year from Atomic Wallet.

Cryptocurrency mixers pool cryptocurrencies and randomly distribute them to destination wallets in a bid to make tracing tainted funds difficult or impossible. Cryptocurrency experts believe Sinbad is the reincarnation of Blender, another cryptocurrency mixer earlier sanctioned by the Treasury Department in 2022 (see: Sanctioned Crypto Mixer Blender Reappears Under New Name).

Treasury sanctioned high-profile mixer Tornado Cash in in August 2022. This summer, a federal judge overturned a lawsuit backed by Coinbase that had attempted to override the sanctions by asserting that the government overstepped its authority and violated free speech guarantees.

North Korean hackers have stolen more than $2 billion in cryptocurrency as part of a concerted campaign to fund a program to develop weapons of mass destruction and inject scarce hard currency into the Hermit Kingdom economy.

Although U.S. sanctions technically only affect U.S. persons, their impact is global. Being added to the list is a signal the United States is looking closely at transactions on the platform, which can drive away illicit and legitimate users alike. Blockchain analysis firm Chainalysis last year found that North Korean hackers had avoided Tornado Cash after it was added to the U.S. sanctions list (see: North Korea Avoids Tornado Cash After US Imposes Sanctions).

In addition to laundering stolen Atomic Wallet funds through Sinbad, Treasury said, Lazarus hackers also filtered a "significant portion" of the $620 million worth of cryptocurrency they stole in 2022 from play-to-earn game Axie Infinity as well as $100 million taken from cross-chain bridge Horizon. Federal officials say cybercriminals have also used Sinbad to hide transactions linked to activities including "sanctions evasion, drug trafficking, the purchase of child sexual abuse materials, and additional illicit sales on darknet marketplaces."

Treasury Deputy Secretary Wally Adeyemo told a Blockchain Association gathering in Washington, D.C., on Wednesday that the department is asking Congress for stronger sanctions power. Lawmakers should allow secondary sanctions that subject firms that continue to do business with a sanctioned firm to the same treatment, he said. "This is a significant tool we do not request lightly," he said, adding that it's necessary to ensure that bad actors "are not able to find safe haven within the digital asset ecosystem."


About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.