Ethereum

The U.S. Justice Department charged two Tornado Cash founders with helping criminals, including the notorious North Korean Lazarus hacking group, launder over $1 billion worth of stolen cryptocurrency through their decentralized crypto mixing service.

Lazarus used the crypto tumbler created by Roman Storm and Roman Semenov to launder around $455 million stolen in the largest known cryptocurrency heist after the hack of Axie Infinity's Ronin network bridge.

Tornado Cash was also used to launder more than $96 million after the June Harmony Bridge hack (out of a total of $100 million stolen in the attack) and at least $7.8 million following the August Nomad Heist (out of roughly $150 million stolen).

The crypto mixer also helped make it harder to trace stolen funds after the hack of blockchain music platform Audius, the Uniswap cryptocurrency exchange, the Beanstalk DeFi platform, and the Arbix Finance exit scam.

The charges include one count of conspiracy to commit money laundering and one count of conspiracy to violate the International Economic Emergency Powers Act, each carrying a maximum sentence of 20 years in prison.

Storm was arrested today in Washington and is scheduled to appear before the U.S. District Court for the Western District of Washington.

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned Semenov today for "providing material support to [..] the Lazarus Group."

Last year in August, Alexey Pertsev, the third co-founder of Tornado Cash, was arrested in the Netherlands and is presently waiting for extradition.

OFAC also sanctioned Tornado Cash a year ago, saying that criminals have used it to launder more than $7 billion since its creation in 2019.

Tornado Cash crypto mixer
Tornado Cash crypto mixer interface (U.S. Justice Department)

​In court documents released today, the Justice Department said the defendants made it easy for criminals to launder their stolen money because they failed to implement "effective" Anti-Money Laundering (AML) and Know Your Customer (KYC) programs.

"The Tornado Cash founders' failure to establish an effective AML or KYC program for the Tornado Cash service facilitated its use by criminal actors laundering high volumes of criminal proceeds," the indictment reads.

"Because the Tornado Cash service provided its customers with a method to engage in transactions and move funds on the Ethereum blockchain in ways that could not be traced on the public blockchain, not all of the funds passing through the Tornado Cash service can be attributed to particular actors.

"However, at a minimum, at least over $1 billion in criminal proceeds were laundered through the Tornado Cash service between its launch and August 8, 2022."

On Tuesday, the FBI said the Lazarus hacking group is likely preparing to cash out around $41 million worth of stolen cryptocurrency out of hundreds of millions stolen since the start of 2023.

The warning followed an investigation behind the move of roughly 1,580 bitcoins stolen in previous crypto-heists to six cryptocurrency wallets.

A recent TRM Labs report linked North Korean-supported hacking groups to the theft of over $2 billion in cryptocurrency assets during the past five years after more than 30 cyberattacks.

Related Articles:

Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion

Ethereum mailing list breach exposes 35,000 to crypto draining attack

FBI warns of fake law firms targeting crypto scam victims

CoinStats says North Korean hackers breached 1,590 crypto wallets

"Researchers" exploit Kraken exchange bug, steal $3 million in crypto