The U.S. Department of Justice has revealed an indictment against two founders of Tornado Cash, a cryptocurrency mixer implicated in aiding North Korean hackers to launder hundreds of millions of stolen funds.
One co-founder, Roman Storm, was arrested in Washington state, while his counterpart, Roman Semenov, a Russian national, remains at large and is sanctioned by the U.S. Treasury’s Office of Foreign Assets Control (OFAC). The charges include money laundering conspiracy, violation of the International Economic Emergency Powers Act, and conspiracy to operate an unlicensed money transmitting business, carrying maximum prison sentences ranging from five to twenty years.
Furthermore, the founders are accused of aiding North Korean hackers in obscuring over $450 million in stolen funds from the 2022 Axie Infinity’s Ronin network bridge attack, which authorities attribute to the Lazarus Group. This attack, considered the largest virtual currency heist to date, supplied North Korea with crucial funds for weapons programs.
Lazarus Group later utilized Tornado Cash to launder over $96 million from the Harmony’s Horizon bridge hack and at least $7.8 million from the Nomad hack. The FBI and OFAC have intensified efforts to associate cryptocurrency heists with sanctioned groups, and to recover stolen funds and penalize services that facilitate cybercrime.
Tornado Cash, a cryptocurrency mixer that pooled and mixed funds, allowed contributors to withdraw harder-to-trace assets. Despite its claims to enhance privacy, prosecutors argue the service knowingly supported hackers and fraudsters in evading law enforcement.
FBI Director Christopher Wray emphasized that the announcement is a reminder that criminal organizations cannot evade scrutiny, regardless of their digital efforts. The indictment showcases law enforcement’s determination to dismantle cybercriminal infrastructures and hold individuals accountable for facilitating cybercrime. This event also highlights the broader trend of authorities’ increased scrutiny on cryptocurrency-related services that enable illicit activities, reinforcing the commitment to maintaining a secure digital environment.
