Aug 24, 2023THNCyber Crime / Cryptocurrency

Tornado Cash

The U.S. Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds.

Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money-transmitting business.

Storm, 34, is said to have been arrested in the U.S. state of Washington. Semenov, 35, remains at large in Dubai. They are alleged to have “made millions of dollars in profits” from promoting and operating the service. Tornado Cash is estimated to have processed upwards of $7 billion worth of crypto assets over a period of three years.

In a related move, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Semenov and eight cryptocurrency addresses connected to him, days after a U.S. court ruled that Tornado Cash is a distinct entity that can be sanctioned.

Cybersecurity

“The eight addresses […] have processed over $11.5 million in various crypto assets, including TORN, Tornado Cash’s governance token,” Elliptic said. “Funds from these addresses have moved to various services, including both centralized and decentralized exchanges.”

“Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering,” U.S. Attorney Damian Williams said. “While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes.”

Tornado Cash is a decentralized mixer service that was created in 2019 to blend the cryptocurrencies of many users together to obfuscate the origins and owners of the funds. The aim is to make the transactions anonymous and difficult to trace, making it appealing for criminal actors looking to cash out their ill-gotten gains.

The defendants have been identified as two of the three co-founders of Tornado Cash. The third co-founder, Alexey Pertsev, was apprehended last August in the Netherlands, where he currently awaits trial on money laundering allegations.

Furthermore, Tornado Cash is said to have failed to implement effective Know Your Customer (KYC) or anti-money laundering programs as required by law. Nor was it registered with the U.S. Financial Crimes Enforcement Network (FinCEN) as a money transmitting entity.

The DoJ also pointed fingers at Tornado Cash for helping launder hundreds of millions of dollars for the Lazarus Group, a notorious North Korean threat actor, in April and May 2022, thereby facilitating sanctions-violating transactions.

Cybersecurity

The development comes a year after the U.S. Treasury Department imposed sanctions against Tornado Cash, accusing the platform of providing “material support” to the hacking crew and laundering more than $500 million stolen from hacks of Axie Infinity and Harmony Horizon Bridge last year.

It’s worth noting that the Lazarus Group was sanctioned by OFAC on September 13, 2019.

In recent years, North Korea has become infamous for brazenly pulling off high-profile cryptocurrency heists, laundering the funds through mixing services like Tornado Cash and Sinbad, and funneling them back to the country to fund the regime’s nuclear and missile development programs.

Blockchain analytics company Chainalysis described 2022 as a banner year for crypto-related hacking, resulting in the theft of $3.8 billion from businesses, of which nearly $1.7 billion have been attributed to attacks mounted by the Lazarus Group.

The indictment also follows the sentencing of Anthony Francis Faulk (aka “shade”), 26, in the U.S. for his role in a conspiracy to defraud and extort more than a dozen cryptocurrency owners via SIM swapping attacks. He is expected to serve 36 months in prison and pay nearly $3 million in restitution.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Source: thehackernews.com/