OFAC: first sanctions against cryptocurrency mixer

Last week, on May 6, the Office of Foreign Asset Control (OFAC) sanctioned a cryptocurrency mixer for the first time.

Blender.io: first crypto mixer designated by OFAC

In a press release from last Friday, OFAC announced sanctions against Blender.io, a cryptocurrency mixer. Blender.io is a mixer operating on the Bitcoin blockchain and allowing users to obfuscate the origin and destination of crypto funds.

The release states that the Democratic People’s Republic of Korea (DPRK) used Blender.io for laundering stolen crypto funds. For instance, Lazarus, DPRK’s hacking group, used the mixer to launder $20.5 million of stolen funds from the large-scale Ronin Bridge hack.

Read more: Ronin Bridge hack – $624+ million lost in largest DeFi hack

Additionally, OFAC added 45 Bitcoin addresses to its SDN list. The addresses have links with high-risk entities such as dark web markets ransomware, hacks, etc. More specifically, Blender.io mixer processed funds related to Hydra dark web market, which has been previously sanctioned by OFAC.

Read more: Hydra and Garantex designated by OFAC after the dark web market shutdown

Latest OFAC-sanctioned addresses from the Lazarus

Additionally, OFAC updated its Specially Designated Nationals List (SDN list) with four additional crypto addresses related to the Lazarus group. Lazarus has been sanctioned by OFAC back in 2019. The four addresses sanctioned are:

• 0x35fB6f6DB4fb05e6A4cE86f2C93691425626d4b1;
• 0x08723392Ed15743cc38513C4925f5e6be5c17243;
• 0x3e37627dEAA754090fBFbb8bd226c1CE66D255e9; and
• 0xF7B31119c2682c88d88D455dBb9d5932c65Cf1bE

All four addresses have received funds from the Ronin Bridge hack address, for a total of around 95,000 ETH. However for now,, only the 0x35fb6f6d address has outgoing transactions. It sent funds to eight intermediate addresses which then sent the funds to Tornado.cash mixer.

The three other addresses still hold the funds they received from the Ronin Bridge hack address.

• 0x08723392 address holds 12,595 ETH;
• 0x3e37627d address holds 23,528 ETH; and 
• 0xf7b31119 address holds 25,127 ETH.

These four addresses further developed OFAC sanctions against the Lazarus group. Recently, OFAC sanctioned Lazarus-related addresses, directly linking the group to the Ronin Bridge hack.

Read more: Lazarus group – OFAC sanctions crypto addresses related to North Korea cybercrime group

Scorechain is automatically updating its database with the latest addresses added to OFAC’s sanction list. Customers can thus be notified promptly of any links related to a sanction address or entity. Discover how Scorechain can help you leverage blockchain analytics for enhanced sanction compliance.

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped more than 200 customers in 45 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10 and TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.