US Treasury Sanctions Crypto Mixer ‘Sinbad’ for Facilitating Cybercrime Group, Lazarus

December 1, 2023

The Office of Foreign Assets Control (OFAC) under the U.S. Department of the Treasury has sanctioned Sinbad, a virtual currency mixer, for facilitating money laundering for the Lazarus group. The Lazarus group is a state-sponsored cyber hacking group associated with the Democratic People’s Republic of Korea (DPRK).

Sinbad has been involved in processing virtual currency worth millions of dollars from Lazarus group heists notably the Horizon Bridge and Axie Infinity heists, as per the US Department of Treasury press release. Sinbad has also been allegedly being used by cybercriminals to disguise transactions associated with illicit activities including sanction evasion, drug trafficking, procurement of child sexual abuse materials, and illegal sales on darknet platforms.

To secure financial sectors, the Treasury Department is committed to combat the illicit use of virtual currency mixers like Sinbad. Wally Adeyemo, deputy secretary of the Treasury stated, “The Treasury Department and its U.S. government partners stand ready to deploy all tools at their disposal to prevent virtual currency mixers, like Sinbad, from facilitating illicit activities. While we encourage responsible innovation in the digital asset ecosystem, we will not hesitate to take action against illicit actors”.Moreover, OFAC announced that any property or interests in property held by Sinbad in the US or under US control must be seized and reported to OFAC.

Sinbad’s Involvement in Major Crypto Heists

Building upon previous initiatives, the Treasury Department designated Sinbad as part of a broader strategy to expose elements within the virtual currency ecosystem, that are exploited by illicit actors, particularly the Lazarus group, to obscure the sources and destination of funds gained from illicit activities.

In June 2023, Sinbad facilitated the laundering of virtual currency totalling $100 million, stolen from Atomic Wallet Customers. The atomic wallet hack affected nearly 100 customers and impacted a diverse set of cryptocurrencies.

Moreover, Sinbad also assisted other heists such as the Axie Infinity heist, which involved in laundering of $620 million in March 2022. The heist stands as the latest chapter in the North Korean financial cybercrime story. The list doesn’t end here, it also includes the Horizon Bridge Heist resulted in laundering of almost $100 million in June 2022, supported by Sinbad.

Other Sanctions by OFAC

There have been previous instances of sanctions by OFAC on crypto-currency mixers, and platforms including Tornado Cash sanctioned on Nov 8, 2022, and Blender sanctioned on May 6, 2022.  Reportedly, Blender was accused of laundering for the Lazarus Group and a link between Sinbad and Blender was also reported.

On September 13, 2019, OFAC imposed sanctions on the Lazarus Group, based on Executive Order (E.O.) 13722, identifying it as an entity controlled by the DPRK Government. Operating for more than ten years, the Lazarus Group is estimated to have taken digital assets worth more than $2 billion through a series of heists.

Do the sanctions enforced on different industries and sectors serve the intended purpose of the measures?

Also read: What is Convertible Virtual Currency Mixing and How is it linked to Money Laundering

FinCEN Proposes to Upgrade Transparency in CVC Mixing to Counter Terrorist Financing