The U.S. Treasury Department’s Office of Foreign Assets Control has sanctioned the token mixing platform Tornado Cash.
According to the department, the mixing service has been responsible for $7 billion in illicit fund flows since its founding in 2019. Over $455 million stolen by the Lazarus Group, a North Korean hacking collective, was funneled through the mixer.
These sanctions come after funds from the recent Horizon bridge attack in June 2022 and the recent Nomad heist were laundered through Tornado cash.
Those behind the privacy coin Zcash developed Tornado Cash.
Tornado Cash failed to implement effective AML measures
Tornado is being sanctioned according to Executive Order 13694. All property of Tornado Cash in the United States or owned by U.S. citizens must be reported to OFAC, and the citizens blocked. Blocked citizens owning more than 50% of a particular entity will have their entities blocked. No person or entity will be allowed to transact with blocked individuals except under authorization from OFAC. The list of wallet addresses belonging to Tornado Cash involved in sanctions is available on the department’s website.
According to a statement by the Under Secretary of the Treasury for Terrorism and Financial Intelligence, the mixer has failed to impose effective anti-money laundering practices to prevent illicit fund flows and has failed to implement basic risk management protocols. The department added that while most cryptocurrency transactions are legal, mixers provide a fertile playground for sanctions evasion, as do peer-to-peer exchanges and darknet marketplaces. Ransomware, heists, and other crimes are also perpetrated through these channels.
The department said it would continue to cooperate with other agencies in the U.S. and foreign partners to target entities enabling criminals to profit from illegal activities.
Tornado Cash started down the right path
Tornado Cash recently came under fire from privacy advocates for sanctioning addresses using a Chainlink oracle. OFAC had already sanctioned these addresses. They included an address belonging to North Korean hackers, the Lazarus Group, a notorious cybercrime entity accused of pilfering $620 million from Axie Infinity’s Ronin sidechain. Several Russians and a Russian ransomware group were also among the addresses sanctioned.
Daniele Casamassima, CEO of cryptocurrency bank and ecosystem “Pure,” said that the compliance of decentralized applications with state directives will depend on to what extent developers tolerate enforcement encroaching on their financial freedom.
Tornado Cash was built to break the link between the source and destination of a transaction. It receives different transactions and mixes them before sending the funds to their intended recipients.
What do you think about this subject? Write to us and tell us!
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.