Tornado Cash Founders Face Legal Action Over Money Laundering and Sanctions Violations

A number of charges, including breaches of sanctions and involvement in money laundering, have been brought against the individuals who created the cryptocurrency mixer known as Tornado Cash.

The co-founders of Tornado Cash, Roman Storm and Roman Semenov, have been accused on counts of conspiracy to conduct money laundering, conspiracy to commit sanctions breaches, and conspiracy to run an unlicensed money transmitting company. The charges arise from claims of money laundering, sanctions breaches, and running an unauthorized money transmission service. The indictment was unveiled on August 23, 2023.

Roman Storm has been apprehended in Washington state, while Semenov remains elusive. In August 2022, another co-founder of the firm, Alexey Pertsev, was arrested in the Netherlands on money laundering charges.

The duo is accused of creating, managing, and promoting Tornado Cash. This platform is suspected of facilitating the laundering of over a billion dollars in illegal proceeds. Of significant concern is the claim that the platform processed hundreds of millions for the blacklisted North Korean cybercrime entity, the Lazarus Group.

The United States Attorney for the District of Maryland, Damian Williams, claimed that “while publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes.”

On August 23, the list of Specially Designated Nationals and Blocked Persons (SDN) maintained by the Office of Foreign Assets Control (OFAC) of the United States Treasury was updated to include Roman Semenov. The OFAC has blacklisted 44 USD Coin (USDC) and Ethereum addresses by the year 2022, which made it impossible for those living in the United States to use Tornado Cash.

Strong reactions have been given by the crypto community in response to these activities. Coinbase provided legal assistance to the six plaintiffs in a case in which they contended that the Treasury Department overstepped its bounds by imposing sanctions on Tornado Cash. A similar action was taken by the advocacy organisation Coin Centre, which filed a lawsuit, and by Representative Tom Emmer of the United States House of Representatives, who questioned the decision in a letter to Treasury Secretary Janet Yellen.

The cryptocurrency sector is being subjected to persistent difficulties and widespread scrutiny, as seen by the legal steps taken against the inventors of Tornado Cash. It is still unknown how regulatory organisations will tackle the many problems that are linked with digital currencies and the platforms on which they are traded as the industry continues to undergo further development.

Image source: Shutterstock


Tagged : / / / / /

Cyber Attackers Seize Control of Sanctioned Crypto Mixer Tornado Cash

Tornado Cash, a fully decentralized and open-source cryptocurrency mixer operating on Ethereum-based networks, has been subjected to a malicious takeover. This comes as another significant blow to the platform following its troubled history with regulatory authorities.

On August 8, 2022, the U.S. Department of the Treasury issued sanctions against Tornado Cash. The platform was accused of routinely enabling money laundering for harmful cyber actors due to its alleged lack of adequate controls. This led to its use being deemed illegal for U.S. citizens, residents, and firms. Subsequently, the project’s website domain and GitHub accounts were suspended, and one of the developers was arrested.

In the current crisis, a bad actor manipulated the project’s governance system by accumulating 1.2 million counterfeit votes, overpowering the 700,000 legitimate votes. The malefactor cunningly disguised their proposal to mimic a previously successful one, but it surreptitiously included a function that enabled the creation of counterfeit votes.

The perpetrator exploited the emergencyStop function, allowing them to modify the proposal logic swiftly and seize control of Tornado Cash’s governance. This authority permits the intruder to withdraw locked votes, drain tokens from the governance contract, and possibly disrupt the router’s functionality. In a swift move to profit from their control, the attacker quickly liquidated 10,000 votes worth of TORN tokens and seems capable of emptying all ETH from the pool.

Despite the community’s urgent advice to participants to withdraw their locked assets and efforts to deploy a contract to reverse the changes, the bad actor continues to maintain governance control. This presents significant challenges to the project’s recovery and future operation.

In an attempt to counteract the damage, Tornado Cash is actively recruiting Solidity developers and planning to engage Binance, an exchange that holds a considerable amount of tokens that could potentially help in countering the attack.

As a privacy-enhancing tool on Ethereum-based networks, Tornado Cash blends potentially identifiable or “tainted” cryptocurrency funds with others, obscuring the original source. The service, therefore, addresses the need for privacy on EVM networks where transactions are by default publicly visible. However, it is this very feature that has also exposed it to regulatory scrutiny and cybersecurity threats.


Tagged : / /

Tornado Cash Developer Set to be Released

Alex Pertsev, the developer behind the popular crypto mixing service Tornado Cash, is set to be released from prison after nearly nine months of detention. Pertsev was arrested by Dutch authorities in August last year on suspicion of being involved in money laundering through Tornado Cash, which had dozens of its addresses placed on the OFAC sanctions list by the United States Treasury Department.

The news of Pertsev’s release under surveillance was met with rejoicing in the crypto community, as it allows him to prepare his defense fully. His partner, who has been advocating for his release, expressed regret for the wasted time that he spent in prison, which had a powerful effect on both of their lives.

Pertsev’s case centers around Tornado Cash, a crypto mixing service that makes transactions anonymous and difficult to trace. Crypto mixers such as Tornado Cash are often used to obfuscate the origin of crypto transactions. These platforms mix one cryptocurrency transaction with others and send them to different wallet addresses, making it challenging for authorities to track the flow of funds.

Prosecutors argue that Pertsev acted as a central figure in Tornado Cash’s operation, making him an essential target in the investigation into money laundering. However, Pertsev’s legal team has maintained that he did not do anything wrong and that the platform was merely providing a privacy-enhancing service.

In November, a Dutch court denied Pertsev’s plea to be released under surveillance, citing concerns that he posed a flight risk. His bail was denied again in February. However, with the latest decision to release him under surveillance, Pertsev will now be able to walk around and work on his defense, which was virtually impossible while detained.

The Tornado Cash platform was one of the most popular mixing services before the sanctions were imposed, highlighting the growing trend of crypto users seeking greater privacy and anonymity in their transactions. The case involving Pertsev will be closely watched by those interested in the legal implications of crypto mixing services and their role in facilitating money laundering.

In conclusion, Pertsev’s upcoming release from prison has been welcomed by the crypto community, but his case is far from over. As the use of crypto mixing services continues to gain popularity, regulatory authorities will need to grapple with the legal implications of such platforms and their role in enabling financial crimes.


Tagged : / / / / /

Euler Finance Audited 10 Times Before $196 Million Attack

Euler Finance, an Ethereum-based lending protocol, underwent 10 audits from six different blockchain security firms between May 2021 and September 2022. The audits ranked the risk assessment of the platform, measuring the “likelihood of a security incident” and the impact it may have. The risk level for Euler ranged from very low and informational to critical, with none deemed “nothing higher than low risk” with “no outstanding issues.” Despite the extensive audits, Euler suffered a $196 million flash loan attack on March 13, 2023.

In response to the attack, Euler Labs CEO Michael Bentley described it as the “hardest days” of his life in a series of tweets on March 17. He retweeted a user sharing information that Euler had undergone ten audits, commenting that the platform “has always been a security-minded project.” Euler had also issued a warning only 24 hours before launching a $1 million bounty for information leading to the hacker’s arrest, stating that it would launch a bounty “that leads to your arrest and the return of all funds” if 90% of the funds were not returned within 24 hours.

Despite the audits, Euler’s attacker began moving funds through crypto mixer Tornado Cash on March 16, only hours after the bounty was launched. In his Twitter thread, Bentley expressed his frustration at the attack and the sacrifices he had to make as a result, including time with his newborn son. However, he also thanked the security experts who are “working on leads” for the investigation.

While some blockchain security firms, such as Omnisica, found and addressed some “incorrect paradigms” in Euler’s base swapper implementation and how the swap mode was “handled by the codebase,” the audits concluded that Euler had “properly dealt” with these issues, with “no outstanding issues” remaining. Halborn’s audit summary in December 2022 also stated that it had found “an overall satisfactory result.”

In conclusion, Euler Finance’s 10 audits from six different blockchain security firms in two years did not prevent a $196 million flash loan attack. Despite the audits deeming the platform “nothing higher than low risk” with “no outstanding issues,” the attacker was able to move the funds through crypto mixer Tornado Cash only hours after Euler launched a $1 million bounty for their arrest. The investigation into the attack is ongoing.


Tagged : / / / / /

Suspected Hackers Move Stolen Funds to Sanctioned Crypto Mixer

Blockchain security firms PeckShield and Beosin have reported that suspected hackers who exploited Lendhub, a decentralized finance lending protocol, have moved more than half of their ill-gotten gains to Tornado Cash, a crypto mixer service. According to Beosin, around 2,415 Ether (ETH), worth about $3.85 million, was sent to Tornado Cash from a wallet connected to the Jan. 12 exploit. Beosin also reported that a total of 3,515.4 ETH, currently worth over $5.7 million, has been sent to Tornado Cash by the exploiter since Jan. 13.

Tornado Cash is a crypto mixing service that attempts to anonymize Ethereum transactions by combining vast amounts of Ether prior to depositing sums to other addresses. However, the service was sanctioned on Aug. 8 by the United States Office of Foreign Assets Control (OFAC) for its alleged role in the laundering of crime proceeds. Despite the sanctions and the website for the service being taken down, Tornado Cash is still able to run and be used, as it’s a smart contract housed on a decentralized blockchain.

A January report by blockchain analytics firm Chainalysis said that hacks and scams once contributed to around 34% of all inflows to the mixer and were at times inflows reached around $25 million per day, but that dropped by 68% in the 30 days following the sanctions. However, bad actors in the space continue to frequent the service. Most recently, on Feb. 20, the exploiter behind an Arbitrum-based DeFi project transferred over $1.86 million in ill-gotten crypto to Tornado Cash.

The notorious North Korean hacker outfit Lazarus Group is also known to send significant sums to mixers such as Tornado Cash and Sinbad. An early February Chainalysis report claimed that exploited funds from North Korean hackers “move to mixers at a much higher rate than funds stolen by other individuals or groups.”

The use of crypto mixers by hackers and other bad actors has long been a concern for authorities and regulators, who are attempting to clamp down on the use of such services for money laundering and other illicit activities. The continued use of Tornado Cash by suspected hackers and other bad actors suggests that more needs to be done to curb the use of such services.


Tagged : / / / / /

Alexey Pertsev will remain held until next year’s hearing

On November 22, the creator of Tornado Cash, Alexsey Pertsev, was hauled before a court in the Netherlands for a hearing during which it was ruled that he would stay in prison in the Netherlands for an extra three months. This decision was made after the hearing. After spending 103 days in jail awaiting his preliminary court hearing, Pertsev appeared before a judge at the Palace of Justice in’s-Hertogenbosch. The hearing was held in connection with his case. During the course of the hearing, a condensed version of the allegations that are being leveled against him was presented.


Before the opening statement for the defense was made by Advocate WK Cheng, the prosecution gave a detailed account of the investigation that they had conducted. They depicted Pertsev in their presentation as an important cog in the wheel that is Tornado Cash’s operations, which is not accurate.


Cheng shed light on a variety of issues that offer an overview of the use cases for Tornado Cash and refute the misunderstandings that surround its operation. Cheng’s talk can be seen here.


The attorney for the defense said once again that he was of the opinion that the state had only shown one aspect of Pertsev’s connection to Tornado Cash in their case. He made this declaration while also disclosing that the initial date for the first session has been altered to the 20th of February in the year 2023. This revelation came at the same time as the previous announcement.


In spite of the fact that Pertsev’s legal team had given a number of assurances that he would be subject to monitoring at his home and weekly check-ins at the local police station in the event that he was released, the prosecution expressed concern that Pertsev could flee the country if he were to be released from custody before the beginning of the trial. This concern was voiced despite the fact that Pertsev’s legal team had made a number of assurances


Tagged : / /

Deribit Hackers Turns to Tornado Cash to Launder Stolen Funds

The hacker who exploited the Deribit exchange’s hot wallet has started moving the stolen funds using the sanctioned cryptocurrency mixer Tornado Cash.


According to data from Etherscan, the attacker has sent a total of 1,610 ETH since the exploit amounting to a sum of $2.54 million per the current price of Ethereum pegged at $1,577.84, according to data from CoinMarketCap.


Blockchain security outfit PeckShield was the first to spot the transfers being done as of Saturday with a total of $350,000 moved at the time. According to the Etherscan data, the balance on the hacker’s address is pegged at 7,501.37 ETH, with substantially more funds to launder.

Attempts to trace the funds have now been complicated by the involvement of Tornado Cash. The crypto mixing protocol receives funds, splits them into several units, and cryptographically sends them to unrelated addresses in a manner where the source of the funds can be obfuscated. 

The role Tornado Cash plays in the laundering of stolen funds such as this accounts for why the United States Treasury Department’s Office of Foreign Assets Control (OFAC) has banned the protocol. The regulator alleged that about $7 billion have been processed through the protocol thus far with a significant sum linked to the cybercrime syndicate Lazarus Group from North Korea.

Despite the protests from the crypto industry, the ban on Tornado Cash has been upheld, however, it has not stopped the Deribit exploiter from taking advantage of the shield it provides.

Since Blockchain.News reported the exchange’s $28 million exploit earlier this month, the protocol has taken several initiatives beyond the halting of transactions. The exchange said it has routed its transactions to Foreblocks for its robust security services, advising its users to open new Bitcoin (BTC) and supported altcoin addresses on Fireblocks to continually access its products and services.

Image source: Shutterstock


Tagged : / / /

TempleDAO Hacker Moves Stolen Funds to Sanctioned Crypto Mixer Tornado Cash

According to data from block explorer, Etherscan, the attacker of the TempleDAO hack, has moved the funds stolen via the recently sanctioned crypto mixer, Tornado Cash.


This information was first disclosed by blockchain data firm on Sunday, PeckShield. A roughly amount of ETH was seen transferred from an address supposed to be that of the TempleDAO hacker to the Tornado Cash platform. The transaction started with a deposit of 0.1, and ETHoccurred place within hours on Sunday.

Tornado Cash is an Ethereum-based crypto mixer used to anonymize transactions on the Ethereum blockchain. In August, the platform got sanctioned by the United States Treasury Department’s Office of Foreign Assets Control (OFAC).

Declaring that the crypto mixer is mainly associated with high-profile hacks such as the Ronin and Harmony breaches. Specifically, OFAC claimed the crypto mixer benefited North Korea’s Lazarus Group and that the platform has been used to launder hundreds of millions of dollars worth of crypto since its launch.

Last week, TempleDAO, a protocol staking platform, suffered a hack on one of its staking vaults. As seen on Etherscan, the hacker made away with 1,830 ETH, which was roughly $2.3 million at the time. 

Notably, this hack comes amid the rise of cryptocurrency hacks this month. According to new data from Chainanalysis, October 2022 is the month with the most hacking activity ever. 

Source: Chainanalysis 

The data averred roughly 11 hacks amounting to $718 million happened this month alone. Chainanalysis stated, “At this rate, 2022 will likely surpass 2021 as the biggest year for hacking on record.”

Last week, trading and lending platform Mango Market suffered an exploit which happened via an oracle price manipulation attack. In addition, on October 6, popular crypto exchange, Binance confirmed a BNB cross-chain bridge hack with Roughly $100 million of Binance Coin (BNB) stolen due to the exploit.

Image source: Shutterstock


Tagged : / / / / / / / /

Flashbots Co-Founder Stephane Gosselin Resigns Following Disagreements with Colleagues

Stephane Gosselin, the Co-Founder of Flashbots, announced on Friday that he has resigned from the Maximal Extracted Value (MEV) service following disagreements with the team.

Gosselin disclosed that he left working for the maximal extracted value (MEV) business last month because of differences with the team. However, it is still unclear which position he left at work – he has been serving as a Co-founder, General Manager, and Board Member at Flashbots.

While Gosselin did not reveal the details about his fallouts with his colleagues at work, he expressed his pride in the project’s accomplishments. He said maintaining censorship resistance is essential for a diversified and competitive MEV environment.

“In the short term, I am hopeful that validators will avoid connecting to relays that perform censorship. Blockspace suppliers putting economic pressure against censorship will go a long way to making sure it does not become ubiquitous,” Gosselin stated.

Flashbots, which was co-founded by Stephane Gosselin and Phil Daian in 2020, is a research and development company focused on Maximal Extractable Value (MEV). MEV is the profit that a miner or validator can make through their ability to arbitrarily include, exclude, or re-order transactions from the blocks they produce.

Flashbots made headlines in August when it blacklisted wallets associated with Tornado Cash sanctioned by the U.S. Treasury Department, a move that sparked an outcry from the Ethereum community members. Flashbots open-sourced some of its MEV-Boost code in response to the U.S. Treasury’s sanction of the Tornado Cash protocol in August, highlighting that its U.S.-based team must comply with the legislation.

While some Ethereum community members welcomed Flashbots’ decision, others were not thrilled with the move. Tornado Cash had been using Flashbots to improve upon the use of meta-transactions for user withdrawal UX.

Flashbots specializes in addressing MEV (Maximal Extractable Value) – an arbitrage trading strategy – in which validators and miners manipulate the order of on-chain transactions to reap profits by taking advantage of price differences. Besides that, Flashbots hosts private channels that prevent Ethereum users’ transactions from being viewed in a public mempool, thus protecting them against attacks targeting to extract MEV.

Image source: Shutterstock


Tagged : / / / / /

Tornado Cash’s Alex Pertsev to Remain in Custody as Appeal Was Rejected

Legal authorities in the Netherlands have rejected the appeal to release Alexei Pertsev, the chief developer of the Tornado Cash protocol was arrested and remanded by Dutch Authorities shortly after the United States Treasury Department sanctioned the protocol alongside as many as 44 of its associated addresses.


The rejection of the appeal was faulted by Ksenia Malik, the wife of Alexei who noted that injustice was evident as the authorities did not even hear the appeal of the embattled developer. Citing her fears, Malik said the authorities are planning to auction Alexei’s properties with plans to leave her with nothing.

According to the current state of things, Alexei is likely to stay in custody until the end of November before the next hearing. When asked whether the Dutch officials can confiscate the personal properties of an untried suspect, Malik said the current actions of the prosecutors show they can.

“At the moment, only a car, but I think they can come and take something else at any moment. I don’t feel safe,” she said. Prosecutors will sell “all of our legal property at auction, leaving me with nothing.”

The arrest of Alexei Pertsev has sparked a lot of protest amongst crypto advocates as the sanction of Tornado Cash has also been condemned by a coalition of industry stakeholders. The defense is that Alexei should not be held accountable for developing an open source code, irrespective of how it is used by people.

Tornado Cash is used as a cryptocurrency mixer that can be used to obfuscate the origin and destination of funds in a bid to enhance user privacy. While notable personalities like Ethereum co-founder, Vitalik Buterin said they have used the mixing tool to shield their identities in the past.

However, the Treasury Department said the protocol has been used to launder as much as $7 billion with some linked to the North Korea hacking syndicate, Lazarus Group.

Image source: Shutterstock


Tagged : / /
Bitcoin (BTC) $ 27,639.41 1.53%
Ethereum (ETH) $ 1,668.19 3.44%
Litecoin (LTC) $ 66.29 2.31%
Bitcoin Cash (BCH) $ 247.67 1.76%