May 9, 2022

OFAC designates virtual currency mixer and wallets related to DPRK cyber heist

On May 6, 2022, the US Department of the Treasury’s Office of Foreign Assets Control sanctioned Blender.io, a virtual currency mixer that has been used by the Democratic People’s Republic of Korea (DPRK) to support malicious cyber activities and launder stolen virtual currency in an effort to fund, among other things, its unlawful weapons of mass destruction and ballistic missile programs.  OFAC reports that sanctions were imposed in response to the March 23, 2022 theft of almost $620 million worth of virtual currency by Lazarus Group, a DPRK state-sponsored cyber hacking group, in what is reportedly the largest virtual currency heist to date.  According to OFAC, the virtual currency was stolen from a blockchain project linked to the online game Axie Infinity, and Blender was used to launder more than $20.5 million of the heist’s proceeds.  OFAC reports that Blender has also been used by certain Russian-linked ransomware groups to launder virtual currency.  

According to Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson, this is the first time that the Treasury Department has ever sanctioned a virtual currency mixer.  OFAC is designating Blender pursuant to EO 13694, as amended, for providing financial or technological support to a cyber-enabled activity that originated outside of the US and contributed to a significant threat to the national security, foreign policy, or economic health of financial stability of the US.  OFAC has also identified additional virtual currency wallet addresses that the Lazarus Group used in the Axie Infinity heist and added them to the List of Specially Designated Nationals and Blocked Persons (SDN List).  The Lazarus Group was sanctioned in September 2019 pursuant to EO 13722 after OFAC identified the group as an agency or entity controlled by the Government of the DPRK.

As a result of these designations, all property and interests in property of today’s designees within the United States or within the possession or control of a U.S. person are blocked, and U.S. persons are generally prohibited from engaging in transactions involving the designated persons.  In addition, entities owned 50 percent or more by one or more blocked persons are also blocked.

Department of Treasury Press Release