Treasury sanctions crypto ‘mixer’ for aiding hackers laundering illicit funds

treasury department building
AP/Patrick Semansky
The Treasury Department in Washington, D.C.

The Treasury Department imposed sanctions on Monday against cryptocurrency mixer Tornado Cash for helping hackers launder more than $7 billion worth of virtual currency since it launched in 2019.

According to the department, Tornado Cash has allowed cyber groups, including North Korean-backed hackers, to use its platform to launder the proceeds of cybercrimes. 

For instance, the Lazarus Group, a state-sponsored hacking group tied to North Korea, used Tornado Cash to steal more than $455 million in cryptocurrency, the largest known virtual currency heist to date, the department said. 

In April, the FBI accused the Lazarus Group of stealing about $620 million in cryptocurrency from the virtual game Axie Infinity. 

The FBI said at the time that it would “continue to expose and combat the DPRK’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime.” The U.S. sanctioned the group in 2019.

The Treasury Department also disclosed that Tornado Cash was used to launder more than $96 million of illicit cyber funds originating from the Harmony bridge heist and at least $7.8 million from the Nomad crypto theft.

“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks,” said Brian Nelson, Treasury’s under secretary for terrorism and financial intelligence.

The software code that runs Tornado Cash services is distributed across the ethereum network, so it does not have servers based in one particular country. Treasury’s sanctions entry forbids U.S. entities from transactions linked to multiple ethereum addresses linked to Tornado Cash.

The Hill reached out to Tornado Cash for comment.

A senior administration official said during a background call to reporters on Monday that the sanctions against Tornado Cash is the latest action the U.S. has taken to crack down on North Korea’s ongoing illicit use of cryptocurrency. 

Treasury sanctioned another crypto mixer,, in May, alleging that it was being used to launder money from hackers backed by North Korea’s government.

The official added that there have been seven major crypto hacks in 2022, several of which the U.S. ties to North Korea. 

“That matters a great deal because North Korea uses crypto and hacking to fund up to 30 percent of its weapons program which is pretty significant,” the official said. 

In June, California-based crypto firm Harmony said that hackers stole $100 million in cryptocurrency from one of its blockchain bridges. The firm said at the time that it was partnering with law enforcement to try to track down the hackers and retrieve the stolen funds.

Nomad, another California-based crypto firm, suffered similar losses earlier this month. The company lost $190 million worth of digital currency. 

The State Department also weighed in on the sanctions against Tornado Cash.

Secretary of State Antony Blinken said in a statement on Monday that the U.S. will continue to go after cryptocurrency mixers that allow cyber criminals to launder illicit funds.

“The United States will not hesitate to use its authorities against malicious cyber actors, to expose, disrupt, and promote accountability for perpetrators and enablers of criminal activities,” Blinken said.

Updated at 5:46 p.m.

Tags cryptocurrency FBI Lazarus Group Tornado Cash Treasury Department

Most Popular

Load more


See all Video