Following the activities of North Korean hackers who laundered stolen crypto funds using the crypto mixing service Tornado Cash, the US Treasury Department has barred its services in the United States. All Americans are now barred from using Tornado Cash.
According to the Office of Foreign Assets Control (OFAC), the watchdog agency responsible for preventing sanctions violations, Tornado Cash has been added to its list of blacklisted people, entities, and cryptocurrency addresses. The agency made this announcement on Monday while speaking on its updated Specially Designated Nationals list. Going by this pronouncement, any US citizen or entity who conducts any form of business with Tornado Cash, or with any Ethereum wallet address associated with this protocol, risks facing criminal prosecution.
The US Treasury Department linked the North Korean hacking group Lazarus Group to the Axie Infinity Ronin Network hack, which occurred in March. The $625 million hack was facilitated by Tornado Cash, according to the Treasury Department. An analysis of the blockchain footprint showed that stolen crypto funds belonging to Ronin, to the tune of tens of millions of dollars, were funnelled through Tornado Cash. Tornado Cash is designed to erase the source and history of funds. Tornado Cash is not the first mixing service to suffer this fate. The Treasury Department previously penalized blender.io for laundering $20.5 million in crypto from Ronin, along with other proceeds from ransomware attacks.
Cybercriminals have used Tornado Cash to launder crime proceeds for a while, and the platform has facilitated the transfer and disappearance of stolen virtual funds. Some of the hackers enabled by Tornado Cash are individuals and entities already sanctioned by the department. Tornado Cash was created in 2019. From 2019 to date, Tornado Cash is reported to have laundered stolen virtual currency to the tune of $7 billion.
Reports are coming in that tag the Treasury Department's current action against Tornado Cash as the most impactful yet when it comes to cryptocurrency.
The same hackers were alleged to have previously laundered funds stolen from Ronin through Tornado Cash. This occurred after an Ethereum address associated with Lazarus Group was sanctioned by OFAC. There was an increase in ether (ETH) deposits flowing into Tornado Cash after the hack on Ronin. This was contained in data released this year by Nansen, a blockchain analytics outfit.
Nansen confirmed that throughout May and June, Tornado Cash received well over 220,000 ETH. Going by the relevant exchange rate, this is estimated to be somewhere between $220 and $660 billion. To put this in perspective, Nansen confirmed that an estimated 18% of the ETH trafficked through Tornado Cash, estimated to be around 167,400 ETH, was proceeds of the hack on Ronin.
The laundering allegation against Tornado Cash is not limited to the proceeds of the Ronin hack. Another group, Elliptic, conducted blockchain analysis which confirmed that 4600 ETH, worth around $15 million and stolen in a hack on crypto.com, a cryptocurrency exchange platform, was laundered through Tornado Cash. The same goes for the Nomad bridge hack, to the tune of $200 million, and the Harmony bridge hack, to the tune of $100 million. These proceeds were all funnelled through Tornado Cash.
The Issue of National Security
Analysts have observed that the previous sanctions meted out on a smaller platform like blender.io were a foreshadowing of the recent action on Tornado Cash. This preview was an indication of OFAC’s readiness to sanction businesses that enable criminals or “rogue” nations such as North Korea.
North Korea has repeatedly used the Tornado Cash service. The recent action from OFAC makes a bold statement: what we consider hacks are extremely dangerous security threats and must be treated as such. Money laundering is dangerous on its own, but it becomes an issue of national security if these funds end up in the weapons market for the acquisition of light arms and ammunition, or more advanced weapons.
Although Tornado Cash also has some substantial legitimate funds flowing through its platform, US citizens must be careful not to transact cryptocurrency in any way with Tornado Cash.
Although this sanction is now operational, it does not necessarily stop Tornado Cash from operating as a business, due to its unique privacy setup, which is meant to function as a highly decentralized unit. Any alteration to be effected on Tornado Cash has to go through a decentralized autonomous organization (DAO). This makes the control of Tornado Cash similar to that of, say, Ethereum or Bitcoin.