The U.S. sanctioned a cryptocurrency swap service on Friday, part of a larger effort to crack down on North Korea’s practice of using hackers to steal money for the state.
The sanctions, leveled against the company Blender.io, mark the first time that the U.S. Treasury Department has taken action against what is known in the cryptocurrency industry as a mixer, a for-profit service that allows users to move crypto between accounts without leaving a clear transaction record.
Treasury said in a news release that North Korea has used Blender.io to launder more than $20.5 million of cryptocurrency that it allegedly stole from the online game Axie Infinity in March. Hackers stole more than $600 million worth of cryptocurrency from the game’s owner.
Blender.io did not immediately respond to an emailed request for comment. Its site was inaccessible Friday.
Most cryptocurrencies, including bitcoin and ethereum, log every transaction on a public ledger service called a blockchain. That allows analysts to trace funds as they’re sent from one account to another. Cryptocurrency mixers, also called tumblers, serve as intermediaries to obscure that trail by taking in users’ funds, then sending those customers’ money back to them, minus a fee, using different accounts.
Mixer services are not illegal, but experts say they have become a crucial tool for cybercriminals looking to hide their tracks. One of the largest ethereum mixing services, Tornado Cash, announced in April that it had hired Chainalysis, a major blockchain analytics firm that does work for the U.S. government, to better comply with government financial regulations.
While many countries use their cyber forces to conduct espionage or military operations, North Korea, which is heavily sanctioned by the U.S. and other countries, has for years deployed its hackers to steal money for the state. Those operations have sometimes included trying to hack banks, but more frequently are aimed at companies that hold enormous amounts of cryptocurrency. The United Nations has found that those funds often go to the country’s nuclear weapons and missile programs.
Treasury said in its announcement that Blender.io had also helped a number of the most destructive Russian ransomware gangs launder their money.
Brian Nelson, the undersecretary for Treasury’s terrorism and financial intelligence division, said in the announcement that “mixers that assist illicit transactions pose a threat to U.S. national security interests. We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
Last year, Treasury sanctioned cryptocurrency exchange Suex for allegedly helping Russian ransomware gangs cash out some of the money they had extorted from victims.
Ari Redbord, the head of legal and government affairs at TRM Labs, a blockchain analysis company that helps businesses comply with cryptocurrency regulations, said the sanctions are designed in part to scare other mixer services into abiding financial regulations.
“Every designation sends a message,” Redbord said. “If you have no compliance controls in place, and allow for significant money laundering and illicit activity to flow through your mixer, then you’re going to be a target.”