A senior Treasury Department official said Tornado Cash, one of the largest mixers identified as problematic by the Treasury, has reportedly laundered more than $7 billion worth of virtual currency since it was created in 2019.
Monday’s move freezes any US assets of the mixer and generally bars Americans from dealing with it.
The Lazarus Group, a well-known North Korean government-backed hacking group that has conducted numerous data breaches, both politically and sometimes financially motivated, has laundered at least $455 million through Tornado Cash, the Treasury said.
The Lazarus Group is already under US sanctions. The group has conducted numerous significant data breaches historically, including an intrusion into Sony Pictures in late 2014.
US and South Korean officials say North Korea controls thousands of hackers that steal funds, including cryptocurrencies, to finance its weapons programs.
Pyongyang has denied the accusations.
Tornado Cash and the North Korean mission to the United Nations in New York did not immediately respond to requests for comment.
Tornado Cash was also used to launder about $100 million from a hack into virtual currency firm Harmony in June and as recently as last week in the theft of Nomad, a virtual currency technology company, the Treasury said.
Despite prior requests for Tornado Cash to make changes, the criminal activity continued, the Treasury official said, leading to the decision to designate the mixer.
In May, the US Treasury also targeted virtual currency mixer Blender, imposing sanctions for the first time on a mixer – a software tool that pools and scrambles cryptocurrencies from thousands of addresses.
Hacks have long plagued crypto platforms. And experts say Tornado Cash has played a role in these crimes.
“Tornado is a popular and important tool for cybercriminals and state-backed hacking groups,” said Dr Tom Robinson, cofounder of Elliptic, a cryptocurrency analytics firm. “In total, Elliptic’s analysis shows that at least $1.3 billion in proceeds of crime such as ransomware, hacks and fraud have been laundered through Tornado Cash.”