Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Sinbad.io (Sinbad), a virtual currency mixer that serves as a key money-laundering tool of the OFAC-designated Lazarus Group, a state-sponsored cyber hacking group of the Democratic People’s Republic of Korea (DPRK). Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists. Sinbad is also used by cybercriminals to obfuscate transactions linked to malign activities such as sanctions evasion, drug trafficking, the purchase of child sexual abuse materials, and additional illicit sales on darknet marketplaces. Sinbad is responsible for materially assisting in the laundering of millions of dollars in stolen virtual currency and is a preferred mixing service for the Lazarus Group. Sinbad operates on the Bitcoin blockchain and indiscriminately facilitates illicit transactions by obfuscating their origin, destination, and counterparties. Sinbad is believed by some industry experts to be a successor to the Blender.io mixer, which OFAC designated for providing mixing services to the Lazarus Group.
Sinbad was used to launder a significant portion of the $100 million worth of virtual currency stolen on June 3, 2023, from customers of Atomic Wallet. Sinbad was also used to launder a significant portion of virtual currency from the Axie Infinity heist of approximately $620 million in March 2022, and the Horizon Bridge heist of approximately $100 million in June 2022. Sinbad is being designated pursuant to E.O. 13694, as amended by E.O. 13757, having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of a cyber-enabled activity originating from, or directed by persons located, in whole or in substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain, and pursuant to E.O. 13722 for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, the Government of the DPRK, a person whose property and interests in property are blocked pursuant to E.O. 13722.
Executive Order 13722 of March 15, 2016 Blocking Property of the Government of North Korea and the Workers’ Party of Korea, and Prohibiting Certain Transactions With Respect to North Korea
• https://ofac.treasury.gov/faqs/topic/1556
460. Can U.S. persons do business with entities in North Korea?
No. Unless authorized pursuant to a general or specific license from OFAC and/or BIS, Executive Order (E.O.) 13722 prohibits new investment in North Korea by a U.S. person and the exportation or reexportation, from the United States, or by a U.S. person, of any goods, services, or technology to North Korea. E.O. 13810 (“Imposing Additional Sanctions with Respect to North Korea”) does not modify any of those prohibitions.
Official Information
On March 15, 2016, the President issued E.O. 13722 pursuant to, inter alia, IEEPA, the NEA, the UNPA, and the North Korea Sanctions and Policy Enhancement Act of 2016 (22 U.S.C. § 9201 et seq.) (the NKSPEA), to take additional steps to address the national emergency declared in E.O. 13466 and expanded in E.O. 13551, in light of further North Korean nuclear and ballistic missile tests. E.O. 13722 was issued to ensure implementation of certain provisions of UNSCR 2270 of March 2, 2016 and the NKSPEA; it strengthened export and other trade restrictions against North Korea; and imposed a comprehensive blocking of the Government of North Korea and the Workers’ Party of Korea.
