US Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers

Nov 30, 2023NewsroomHacking / Cryptocurrency

Sinbad Cryptocurrency Mixer

The US Treasury Department on Wednesday imposed sanctions against Sinbada virtual currency mixer used by the North Korea-linked Lazarus Group to launder ill-gotten gains.

“Sinbad processed millions of dollars worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists,” the department said.

“Sinbad is also used by cybercriminals to obfuscate transactions involved in harmful activities such as evasion of punishment, drug trafficking, purchase of child sexual abuse materials, and further illegal trading on darknet markets.”

The development builds on earlier actions taken by the Treasury Department to crack down on mixers like Blender, Tornado Cash, and ChipMixer, all of which are accused of providing “material support” to hacking crews through laundering of stolen property through their services.


Sinbad, created by an individual with the alias “Mehdi” in September 2022, told WIRED earlier this February that it was a legitimate privacy-preserving initiative and that it was launched as a response to the “growing centralization of cryptocurrency and the erosion. of privacy promises that once appeared to be offered.”

It also emerged as a replacement for Blender, with the Lazarus Group using it to launder virtual currency looted after the Atomic Wallet and Harmony Horizon Bridge hacks.

“In total, more than a third of the funds sent to Sinbad in its lifetime came from crypto hacks,” Chainalysis SAYS. “After taking down Tornado Cash and last year, Sinbad has emerged as the mixer of choice for DPRK-based hacking activities.”

Sinbad is also used by ransomware actors, darknet markets, and scammers, who use it to facilitate illegal transactions by obfuscating their origin, destination, and counterparts.

Blockchain analytics firm Elliptic said there is evidence to suggest that the same individual or group is likely behind Sinbad and Blender based on an examination of on-chain patterns, the way in which the two mixers operate, similarities in their websites, and their connection to Russia.


“An analysis of blockchain transactions shows that, before its public launch, a ‘service’ address on Sinbad’s website received Bitcoin from a wallet believed to be controlled by Blender’s operator – presumably to service will be tested,” the company. THE audience.

“A Bitcoin wallet used to pay individuals promoting Sinbad, itself received Bitcoin from the suspected Blender wallet operator.

The development comes as Vitalii Chychasov, a 37-year-old administrator of the now defunct online marketplace called SSNDOB, sentenced up to eight years in federal prison in the US for selling personal information, including names, dates of birth, and Social Security numbers.

Chychasov, a Ukrainian national, was arrested in March 2022 while trying to enter Hungary. He was subsequently extradited to the US in July 2022. SSNDOB was taken out in a joint operation led by the US, Cyprus, and Latvia in June 2022.

Did you find this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Leave a comment