Sinbad coin mixer sanctioned and taken down by global authorities

The United States Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned coin mixer Sinbad.io over its role as a key money laundering tool of Lazarus Group, North Korea’s state-sponsored hacking group.

The sanctions essentially designate Sinbad as a blacklisted entity. Any of Sinbad’s assets that are either in the U.S. or controlled by U.S. persons must be blocked and reported to OFAC.

Simultaneously, the Sinbad.io website was seized by authorities and now displays a warning that the platform has been seized as part of a coordinated law enforcement action between the U.S. Federal Bureau of Investigation (FBI), the Netherlands’ Financial Intelligence and Investigation Service and Finland’s National Bureau of Investigation.

“Mixing services that enable criminal actors, such as the Lazarus Group, to launder stolen assets will face serious consequences,” said Deputy Secretary of the Treasury Wally Adeyemo.

“The Treasury Department and its U.S. government partners stand ready to deploy all tools at their disposal to prevent virtual currency mixers, like Sinbad, from facilitating illicit activities. While we encourage responsible innovation in the digital asset ecosystem, we will not hesitate to take action against illicit actors.”

According to OFAC, Sinbad.io has been used to process millions of dollars worth of digital assets from Lazarus Group attacks, such as 2022’s Horizon Bridge attack, which saw compromised private keys lead to the theft of $100 million worth of DeFi tokens. The OFAC statement also mentions the Axie Infinity heist of 2022, where hackers compromised a series of validator nodes serving a non-fungible token (NFT) video game developed by Sky Mavis; all in all, approximately $620 million worth of tokens were stolen.

Additionally, OFAC says Sinbad is used more generally by cybercriminals “to obfuscate transactions linked to malign activities such as sanctions evasion, drug trafficking, the purchase of child sexual abuse materials, and additional illicit sales on darknet marketplaces.”

Indeed, a report by blockchain analysis firm Chainalysis in February 2023 revealed that Sinbad.io had received $25 million in stolen digital assets in December and January alone. A report by Wired quoted Chainalysis as saying that Sinbad.io had become the launderer of choice for North Korean hacking groups.

Mixing with the wrong crowd

Coin mixers have been singled out by authorities in the U.S. and abroad in the past two years as an area of concern. They are designed to obscure the origin of digital assets, typically by taking identifiable assets from customers, breaking them down, and mixing them among assets from other customers via many transactions and then returning the equivalent amount back to the customer.

Perhaps the best-known takedown of a coin mixer comes from Tornado Cash. Tornado Cash was a coin mixer used on the Ethereum network. In August 2022, OFAC sanctioned Tornado Cash and claimed that the service had been used to launder $7 billion worth of digital assets, including for Lazarus Group. Days later, Dutch authorities arrested Tornado Cash developer Alexey Perstev for his involvement in the platform. Perstev is expected to face trial in 2024.

The U.S.’s focus on coin mixers has also seen joint enforcement actions between the U.S. and European authorities. In March of this year, Europol announced a joint operation to take down ChipMixer, another coin mixer that authorities alleged had been used to launder €2.73 billion ($2.96 billion) in digital assets.

Concerns over coin mixing have only intensified since, in part following the October 7 terror attacks on Israel by Hamas. In October, Hamas was described by U.S. Senators as “one of the most sophisticated crypto users in the terror finance domain” in a letter urging the Biden administration to take action against digital asset terrorism financing. The letter also highlighted the “national security threat crypto poses to the U.S. and our allies.”

In a drastic step that same day, the Treasury and the Financial Crimes Enforcement Network (FinCEN) designated coin mixing as “a class of transactions of primary money laundering concern” under the USA PATRIOT Act. As a result, the Treasury can require domestic financial institutions and agencies to take special measures against particular risks, such as demanding increased transaction monitoring and reporting.

Watch: Regulatory compliance for blockchain & digital assets

YouTube video

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.