The United States Treasury Department Office of Foreign Assets Control (OFAC) announced Friday that it was sanctioning cryptocurrency mixer Blender.io for its role in laundering proceeds from the hacking of Axie Infinity’s Ronin Bridge. North Korean state-sponsored hackers Lazarus Group have been identified as the perpetrators of the attack.
Treasury Under Secretary for Terrorism and Financial Intelligence Brian E. Nelson said in a statement:
“Today, for the first time ever, Treasury is sanctioning a virtual currency mixer. […] We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”
Under the sanctions, all Blender.io property in the United States or in the possession of U.S. persons is blocked and must be reported to OFAC.
According to OFAC, Blender.io processed $20.5 million out of approximately $620 million stolen from the Vietnam-based play-to-earn game in the form of roughly 173,600 Ether (ETH) and 25.5 million USD Coin (USDC). OFAC also found during its investigation that Blender.io had facilitated money laundering for Russia-linked ransomware groups including Trickbot, Conti, Ryuk, Sodinokibi and Gandcrab. The Blender.io website was offline at the time of writing.
The Treasury agency also added the addresses of four wallets used by Lazarus Group to launder some of the stolen funds to its List of Specially Designated Nationals and Blocked Persons.
Related: US Treasury Dept sanctions 3 Ethereum addresses allegedly linked to North Korea
There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP
— Ronin (@Ronin_Network) March 29, 2022
The Ronin Bridge hack took place on March 23, but it was only discovered the following week. The bridge was accessed through game developer Sky Mavis. That organization had been indefinitely whitelisted after helping process a surge in transactions. Sky Mavis raised $150 million to reimburse users who lost money in the exploit, and Binance was able to recover $5.8 million of the money from 86 accounts. Lazarus Group was identified as the hackers by OFAC in mid-April.