Tornado Cash devs charged with laundering more than $1 billion

Share via:

Photo by Amelia Holowaty Krales / The Verge

Tornado Cash developers Roman Semenov and Roman Storm have been charged with three conspiracy counts in an indictment unsealed today. Storm has been arrested and Semenov remains at large, according to a statement from the Southern District of New York.

Tornado Cash is a so-called “mixer,” a privacy service meant to obscure the trail of ownership for cryptocurrency that passes through it. The mixer “knowingly violated” US sanctions and “laundered more than $1 billion in criminal proceeds,” according to a statement from US Attorney Damian Williams. “While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes.”

The two are charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money transmitter. The mixer itself was sanctioned by the US Treasury Department’s Office of Foreign Assets Control last year; today, Semenov was specifically sanctioned by OFAC as well. A third co-founder, Alexey Pertsev, will be tried in the Netherlands and isn’t mentioned by name in the indictment.

The indictment alleges that Tornado Cash was used by North Korea’s Lazarus Group to launder hundreds of millions of dollars. Mixers such as Tornado Cash are also used to launder funds from ransomware, security experts have said.

“It would be unlikely as a fund that we’d use a ‘compliant mixer.’”

It wasn’t just criminals using Tornado Cash; privacy is a real concern for cryptocurrency. Once an identity is linked to a wallet, it’s possible to trace every transaction. That makes privacy tools popular among those who aren’t engaged in wrongdoing. But Tornado Cash was also allegedly used by North Korean hackers to launder $615 million in stolen tokens from the Ronin Network.

Tornado Cash operated without know-your-customer (KYC) or anti-money laundering (AML) programs as required by US law, the document alleges. It also did not register with FinCEN as a money-transmitting business, the indictment says. Semenov and Storm also created a document called “Tips to Remain Anonymous,” which advised customers to consider using Tor or a VPN, delete data from their web browsers, and leave their money in Tornado for longer periods of time to better anonymize their transactions. They also advised users to employ different IP addresses for deposit and withdrawal.

Storm suggested creating a version of Tornado with KYC / AML enabled, but Tornado’s unnamed venture capital investors were dismissive, saying, “I just don’t know if anyone will actually want this.” The investor added, “It would be unlikely as a fund that we’d use a ‘compliant mixer.’”

Besides the Ronin hack, two other incidents were referenced, one in 2020 and one in 2021. This appears to line up with the KuCoin hack in 2020 and the BitMart hack in 2021, according to CoinDesk.

“Despite knowing full well that the Tornado Cash service was being used to launder criminal proceeds, and that the Tornado Cash pools contained large amounts of ETH representing criminal proceeds that were commingled with other customer deposits for the purpose of concealment, the Tornado Cash founders took no steps to implement effective AML or KYC programs,” the indictment said. Rather, the developers took steps to increase anonymity so they could profit from the volume of transactions they were processing, according to the indictment.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Sarthak Luthra
Sarthak Luthra
Hey, there! I am the tech guy. I get things running around here and I post sometimes. ~ naam toh suna hi hoga, ab kaam bhi dekhlo :-)

Popular

More Like this

Tornado Cash devs charged with laundering more than $1 billion

Photo by Amelia Holowaty Krales / The Verge

Tornado Cash developers Roman Semenov and Roman Storm have been charged with three conspiracy counts in an indictment unsealed today. Storm has been arrested and Semenov remains at large, according to a statement from the Southern District of New York.

Tornado Cash is a so-called “mixer,” a privacy service meant to obscure the trail of ownership for cryptocurrency that passes through it. The mixer “knowingly violated” US sanctions and “laundered more than $1 billion in criminal proceeds,” according to a statement from US Attorney Damian Williams. “While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes.”

The two are charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money transmitter. The mixer itself was sanctioned by the US Treasury Department’s Office of Foreign Assets Control last year; today, Semenov was specifically sanctioned by OFAC as well. A third co-founder, Alexey Pertsev, will be tried in the Netherlands and isn’t mentioned by name in the indictment.

The indictment alleges that Tornado Cash was used by North Korea’s Lazarus Group to launder hundreds of millions of dollars. Mixers such as Tornado Cash are also used to launder funds from ransomware, security experts have said.

“It would be unlikely as a fund that we’d use a ‘compliant mixer.’”

It wasn’t just criminals using Tornado Cash; privacy is a real concern for cryptocurrency. Once an identity is linked to a wallet, it’s possible to trace every transaction. That makes privacy tools popular among those who aren’t engaged in wrongdoing. But Tornado Cash was also allegedly used by North Korean hackers to launder $615 million in stolen tokens from the Ronin Network.

Tornado Cash operated without know-your-customer (KYC) or anti-money laundering (AML) programs as required by US law, the document alleges. It also did not register with FinCEN as a money-transmitting business, the indictment says. Semenov and Storm also created a document called “Tips to Remain Anonymous,” which advised customers to consider using Tor or a VPN, delete data from their web browsers, and leave their money in Tornado for longer periods of time to better anonymize their transactions. They also advised users to employ different IP addresses for deposit and withdrawal.

Storm suggested creating a version of Tornado with KYC / AML enabled, but Tornado’s unnamed venture capital investors were dismissive, saying, “I just don’t know if anyone will actually want this.” The investor added, “It would be unlikely as a fund that we’d use a ‘compliant mixer.’”

Besides the Ronin hack, two other incidents were referenced, one in 2020 and one in 2021. This appears to line up with the KuCoin hack in 2020 and the BitMart hack in 2021, according to CoinDesk.

“Despite knowing full well that the Tornado Cash service was being used to launder criminal proceeds, and that the Tornado Cash pools contained large amounts of ETH representing criminal proceeds that were commingled with other customer deposits for the purpose of concealment, the Tornado Cash founders took no steps to implement effective AML or KYC programs,” the indictment said. Rather, the developers took steps to increase anonymity so they could profit from the volume of transactions they were processing, according to the indictment.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Sarthak Luthra
Sarthak Luthra
Hey, there! I am the tech guy. I get things running around here and I post sometimes. ~ naam toh suna hi hoga, ab kaam bhi dekhlo :-)

More like this

FirstCry Parent Shares Decline 5%, Stock Down 10% YTD

SUMMARY The stock recouped some losses during the intraday...

Australia’s ‘Barefoot Investor’ takes on crypto scammers stealing his...

Australian investing and finance educator Scott Pape, known...

SingPost fires CEO, CFO over handling of whistleblower’s report

The top executives reject accusations and will "vigorously...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!