Anti-Money Laundering (AML), Blockchain and Cryptocurrency, Cryptocurrency Fraud
Suspect charged with ‘involvement in concealing criminal financial flows’ using Mixer
Mathew J. Schwartz (euroinfosec) •
August 15, 2022
Dutch police have arrested a man suspected of working as a developer for Tornado Cash, a popular cryptocurrency mixing service sanctioned by the US government last week.
The 29-year-old man, arrested on Wednesday, has not been named by authorities.
“He is suspected of being involved in concealing criminal financial flows and facilitating money laundering by mixing cryptocurrencies via the decentralized Ethereum mixing service Tornado Cash,” the Dutch Information and Information Service reports. tax investigation. Known as FIOD, the service investigates serious fraud and other financial crimes in the Netherlands.
In June, the FIOD launched an investigation into Tornado Cash, probing the service’s alleged failure to guard against cryptocurrency-facilitated money laundering. Authorities say the investigation is still ongoing and further arrests are possible.
Mixers are designed to hide the origin and destination of Ethereum cryptocurrency by breaking the link between the sender and receiver of the cryptocurrency.
Proponents of these services claim that they provide a way to anonymize transactions, which is not illegal per se. But governments are increasingly probing services that fail to enforce anti-money laundering and “know your customer” practices designed to deter criminal use of the service.
FIOD says its Financial Advanced Cyber Team “suspects that Tornado Cash has been used to conceal large-scale criminal money flows, including online theft of cryptocurrencies, via so-called hacks and crypto scams. These included funds stolen through hacks by a group believed to be associated with North Korea.”
Dutch investigators suspect $7 billion was transferred through Tornado Cash, which was launched in 2019, of which they suspect at least $1 billion was linked to criminal funds.
Tornado Cash administrators did not immediately respond to a request for comment on the arrest report or the allegations.
Sanctioned by the US government
The suspect’s arrest by Dutch police follows the US Treasury Department’s August 8 order to freeze all Tornado Cash assets and add Tornado Cash to the list of sanctioned entities maintained by the Bureau. control of foreign assets of the department (see: US Treasury sanctions Tornado Cash and freezes its assets).
When Tornado Cash was sanctioned, it held assets of an estimated value $437 million, including Bitcoin, Ethereum, and various stablecoins. The sanctions mean that all Americans – or anyone in the United States or in transit – are prohibited from using the service, including collecting any of these funds. Violators face potential civil and criminal penalties.
US officials said the service was warned it had to comply with AML and KYC regulations, and refused to comply.
Tornado Cash has been the “go-to mixer for North Korean cybercriminals for over a year or more,” Ari Redbord, head of legal and government affairs at blockchain analytics firm TRM Labs, told Information Security Media Group.
Tornado Cash criticizes sanctions
Tornado Cash Administrators defended his serviceclaiming that there are a number of “valid use cases” including donation privacy.
Tornado Cash is the second cryptocurrency blender to be sanctioned by OFAC, following Blender.io’s addition to OFAC’s sanctions list in May.
US authorities said Blender.io was also regularly used to launder ransomware proceeds, stolen cryptocurrency and other illicit profits on behalf of the secretive and authoritarian regime that rules North Korea.
Is permanent disruption impossible?
Tornado Cash appears to remain accessible, although on Friday Coindesk reported that several users had reported difficulty accessing the service. His Discord Channel also seems to have been taken offline.
From a law enforcement perspective, however, Tornado Cash might be impossible for authorities to shut down.
This is because when users submit Ethereum to the service, they trigger a smart contract. “These smart contracts act as a pool that shuffles all deposited assets and generates a private key proving that you performed the deposit operation,” reports blockchain security firm SlowMist. “Then the sender can use this private key to withdraw the deposited funds to any address at a time of their choosing.”
Tornado Cash co-founder Roman Semenov, whose LinkedIn profile says he’s based in Russia, told Bloomberg it would be “technically impossible” to disrupt the service because it’s designed to run in perpetuity like a smart contract, without requiring any maintenance or updates from the developers.
“Because Tornado Cash may technically continue to operate, regulators and crypto compliance teams must remain vigilant to ensure that the platforms for which they are responsible do not transact with the now-sanctioned mixer,” says Chainalysis. .