US Treasury Sanctions the Sinbad Crypto Mixer Used by N. Korean Hackers

The U.S. Treasury Department on Wednesday issued sanctions against Sinbad, a virtual currency mixer used by the Lazarus Group, which is associated with North Korea, to launder illicit revenues.

"Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists, including the Axie Infinity & Horizon Bridge heists," according to the department.

"Sinbad is also used by cybercriminals to complicate transactions linked to harmful activities such as the purchase of child sexual abuse objects, drug trafficking, tax evasion penalties, and additional illicit sales on darknet marketplaces."

The move extends the Treasury Department's earlier efforts to shut down mixers including Blender, Tornado Cash, and ChipMixer, all of which are suspected of giving "material support" to the hacker group by letting it launder stolen assets through their services.

An individual going by the alias "Mehdi" founded Sinbad in September 2022. This individual told WIRED earlier this year that Sinbad is a legitimate initiative aimed at protecting privacy and that it was started in response to the "growing centralization of cryptocurrency and the erosion of the privacy promises it once appeared to offer."

The Lazarus Group used Sinbad as a replacement for Blender to launder virtual currency looted in the Atomic Wallet and Harmony Horizon Bridge hacks.

"Overall, more than one-third of funds sent to Sinbad during its lifetime have come from crypto hacks," Chainalysis stated. "Following the takedown of 'Tornado Cash' and 'Blender.io' last year, Sinbad emerged as the mixer of choice for DPRK-based hacking activities."

Ransomware perpetrators, darknet markets, and scammers have also used Sinbad to obscure the origin, destination, and counterparties of their transactions.

The blockchain analytics company Elliptic stated that based on an analysis of on-chain patterns, the functionality of the two mixers, similarities between their websites, and their ties to Russia, there is evidence to suggest that the same person or group is probably behind both Blender and Sinbad.

"Analysis of blockchain transactions shows that, before it was publicly launched, a 'service' address on the Sinbad website received Bitcoin from a wallet believed to be controlled by the operator of Blender – presumably to test the service," the company stated.

"Bitcoin was obtained from the alleged Blender operator wallet and sent to a wallet that was used to compensate people who advertised Sinbad. The wallet of the alleged Blender operator was the source of nearly all of the initial incoming transactions to Sinbad."

The development coincides with the sentencing of 37-year-old Vitalii Chychasov to 8 years in U.S. federal prison for selling personal information, including names, dates of birth, and Social Security numbers, on the now-dismantled internet marketplace SSNDOB.

Chychasov, a Ukrainian national, was detained in March 2022 as he tried to enter Hungary. In July 2022, he was extradited to the United States. SSNDOB was taken down in June 2022 in a cooperative effort headed by the United States, Cyprus, and Latvia.