Getty Images
The U.S. Treasury Department issued sanctions against a cryptocurrency mixer accused of helping North Korean state-sponsored hackers launder cryptocurrency stolen from an attack on the Axie Infinity multiplayer game.
Investigators with the Treasury’s Office of Foreign Assets Control believe that hackers associated with North Korea’s infamous Lazarus Group transferred around $20.5 million worth of money from hacked accounts through the Blender.io service as part of a cryptocurrency laundering scheme.
Under the terms of the sanctions, U.S. companies are blocked from doing business with Blender.io, and the company’s U.S.-based assets have been frozen.
The sanctions come as investigators pry into the March attack on Sky Mavis, the makers of the NFT-focused game Axie Infinity, that is said to have lost some $600 million worth of cryptocurrency taken out of central accounts and moved into outside bankrolls.
Authorities attributed the Sky Mavis hack to North Korean state-sponsored hackers, who typically steal cryptocurrencies as a way to generate cash for military programs.
The state-sponsored Lazarus Group dates back more than half a decade, conducting sophisticated hacking operations for both propaganda purposes and fundraising opportunities.
Central to that effort is the use of cryptocurrency funds, which operate outside of the jurisdiction of global banking authorities. By obtaining money that can be laundered through cryptocurrency exchanges and mixers, the North Korean government can move funds without the worry of seizure by outside authorities under the extensive global sanctions imposed against the authoritarian regime.
Blender’s $20.5 million of alleged laundering is only a small fraction of the $620 million stolen from Sky Mavis.
“Today, for the first time ever, Treasury is sanctioning a virtual currency mixer,” said Brian E. Nelson, undersecretary of the treasury for terrorism and financial intelligence, in a press release Friday.
“Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests. We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
A key to making the pilfered funds look legitimate is the use of cryptocurrency mixers, and that is where the likes of Blender.io come in. By passing funds over multiple transactions, mixers are designed to obfuscate transactions and make it harder to track activity.
While there could be legitimate uses for mixer services, threats actors use them for money laundering and obfuscating the path of stolen funds from the source to the recipient by bouncing the transactions across multiple accounts and nodes.
This is what the Treasury Department believes Blender was doing with the Lazarus Group. The mixer is believed to have allowed the hackers to use the ‘blending’ service to make the movement of cryptocurrency stolen from hacked Axie Infinity servers appear to investigators as normal fund transfers.
As a result, Blender now finds itself under siege from the U.S. government and the site is classified as a “significant threat to national security.”
“The virtual currency mixers that assist criminals are a threat to U.S. national security interests,” the department said in the press release.
“Treasury will continue to investigate the use of mixers for illicit purposes and consider the range of authorities Treasury has to respond to illicit financing risks in the virtual currency ecosystem.”
Security and privacy remain a stumbling block for cloud computing, according to information experts at the Trust in the Digital …
Amazon Web Services has added multifactor authentication to its WorkSpaces cloud desktop service, the first step in a larger …
At Black Hat 2014, a researcher showed how AWS cloud security flaws and misconfigurations can have devastating consequences for …
Intel will release three generations of 200 GB, 400 GB and 800 GB infrastructure processing units over the next four years. The …
SDN, zero trust and infrastructure as code are popular forms of network virtualization within the data center, moving away from …
Starting with MPLS VPNs and SD-WAN, new carrier network virtualization options, like 5G network slicing, are becoming virtual …
The proposed Federal Digital Platform Commission would oversee tech giants and could impose penalties and conduct investigations …
Tech companies could start feeling pressure from consumers to limit data collection should Roe v. Wade be overturned.
Modzy and Snowplow are among the early-stage companies aiming to move AI from science project to enterprise asset. Success will …
Organizations that support both Windows and Mac desktops must approach them differently, but there is plenty of overlap with the …
Organizations that need desktop management software should survey a variety of platform types. UEM can often provide the most …
Organizations with both Mac and Windows devices can use some of their Windows-focused AD setup to address macOS management tasks.
Still lagging behind the Big Three in the cloud market, IBM hopes its coopetition partnership agreement with AWS helps close down…
IBM’s focus on hybrid cloud efforts, including Cloud Paks and OpenShift, makes for a competitive option. See if its strategy fits…
IT teams can use a range of native management and monitoring tools from Google to ensure their public cloud deployments are …
In this e-guide: We take a look at our 2022 Salary Survey results for India. We will be breaking down which job functions get …
In this e-guide: We take a look at our 2022 Salary Survey results for ASEAN. We will be breaking down which job functions get …
In this e-guide: We take a look at our 2022 Salary Survey results for ANZ. We will be breaking down which job functions get paid …
All Rights Reserved, Copyright 2000 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info

source

Write A Comment