Tornado Cash co-founders Roman Storm and Roman Semenov have been charged with money laundering, sanctions violations and operating an unlicensed money transfer business, the U.S. Department of Justice revealed Wednesday. The announcement came a day after the FBI said North Korean hackers — shown to have used the Tornado cryptocurrency mixer in the past — were looking to cash out stolen Bitcoin worth US$40 million.

See related article: Crypto in the time of cockroaches

Fast facts

  • “The defendants operated a $1 billion scheme designed to help other criminals launder and conceal funds using cryptocurrency, including by laundering hundreds of millions of dollars on behalf of a state-sponsored North Korean cybercrime group sanctioned by the U.S. government,” U.S. attorney general Marrick B. Garland said in the statement.
  • U.S. national Roman Storm was arrested on Wednesday in Washington. His business partner Semenov — a Russian national — has yet to be taken into custody with no date for his arrest specified by the DOJ.
  • Storm’s lawyer, Brian Klein of Waymaker LLP, said that the Tornado Cash founder “disputes” engagement in any criminal conduct and has cooperated with the prosecutors’ investigation over the past year.
  • Last Thursday, a U.S. district court concluded that U.S. sanctions against Tornado Cash for money laundering are valid, denying the legal challenge brought by six users of the crypto mixer. The U.S. Office of Foreign Assets Control sanctioned Tornado Cash on Aug. 8, 2022.
  • The mixer has processed US$7 billion in cryptocurrencies since 2019, including over US$455 million the FBI say was stolen by the North Korean state-backed hacker group Lazarus. The FBI says laundered crypto is used to support North Korea’s weapons programs.
  • Meanwhile, the FBI announced Tuesday that it has identified blockchain activity connected to the Lazarus Group and another Pyongyang-affiliated hacker organization APT38. Based on cryptocurrency data tracked on Monday and Tuesday, the agency stated that cyber actors affiliated with the hacker groups moved about 1,580 Bitcoin (US$41.6 million) to six Bitcoin addresses, likely for liquidation. 
  • The FBI claims these actors were responsible for several major crypto thefts. The thefts included a US$60 million crypto heist from digital wallet service Alphapo, US$37 million from crypto payment gateway CoinsPaid and US$100 million from Atomic Wallet — all in June 2023.
  • The U.S., Japan and South Korea reached an agreement Aug. 18 to establish a trilateral working group to tackle North Korean cyberattacks as early as next month, South Korea’s KBS News reported on Saturday. 
  • Blockchain analytics firm Chainalysis stated that North Korea-backed hackers stole US$1.7 billion worth of crypto in 2022.

See related article: Web3 has a big security problem, and the industry is not doing enough to protect users