A popular tool that North Korean government-affiliated hackers had allegedly used to disguise their cryptocurrency transactions appears to have reemerged under a new name after being sanctioned by the U.S. government. The revival demonstrates that sanctions can serve as a setback for cryptocurrency mixers, but sometimes not a permanent one. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) last year issued sanctions on a cryptocurrency mixer called Blender. It closed down around the same time. Now, its operators have likely relaunched it under the name Sinbad, according to cryptocurrency monitoring firm Elliptic. Already, the North Korean hacking organization known as the Lazarus Group have used Sinbad to launder more than $100 million, the firm said in an analysis. In the case of Sinbad, its operator or operators benefited from around $22 million that they are believed to have taken from Blender, Elliptic said. “It’s very easy for the anonymous operator of a mixer to redeploy infrastructure and operate under a new brand,” Tom Robinson, chief scientist and co-founder of the company, told me. “If sanctions are tied to a particular service’s name, that clearly poses a problem for sanctions enforcement.” “In practice though, mixers need users and liquidity in order to be effective, which can be difficult for a new brand to attract,” Robinson said. “Sinbad appears to have tried to bootstrap itself with funds from Blender, which left a money trail linking the two services.”
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.