View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 24, 2023

Tornado Cash founders charged with laundering millions for North Korean cybercrime group

US law enforcement alleges cryptocurrency mixer Tornado Cash laundered millions of dollars for the DPRK-based Lazarus cybercrime group.

By Claudia Glover

The founders of cryptocurrency mixer Tornado Cash have been charged by US law enforcement with laundering more than $1bn in criminal proceeds. According to a statement from the US Department of Justice, Roman Semenov and Roman Storm were additionally engaged in laundering hundreds of millions of dollars for the Lazarus Group, a cybercrime organisation linked to the North Korean state. While Storm was arrested yesterday in the state of Washington, Semenov remains at large.

The logo of Tornado Cash falling to earth as a meteor. The firm has recently been accused by the US Department of Justice of laundering money for the North Korean cybercrime organisation Lazarus Group.
The US Justice Department has announced the indictment of Tornado Cash’s two founders. (Photo by Maurice Norbert/Shutterstock)

“As alleged, Tornado Cash was an infamous cryptocurrency mixer that laundered more than $1bn in criminal proceeds and violated US sanctions,” explained US Attorney Damian Williams. “Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering.”

Cryptocurrency mixers, or coin mixers, are businesses that allow users to scramble transactions between different cryptocurrency addresses so they become untraceable and cannot be followed back to the initial sender or receiver. Recent years have seen law enforcement agencies push these organisations to implement basic ‘know your customer’ (KYC) protocols to prevent user anonymity and the use of such platforms for money laundering processes. According to the indictment, Tornado Cash implemented no such protocols.

The indictment follows the sanctioning of Tornado Cash by the US Treasury Department earlier this month for also failing to impose sufficient anti-money laundering protections. “Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks,” said Brian Nelson, undersecretary for terrorism and financial intelligence at the US Treasury department.

Lazarus connection

The indictment also includes details on how Semenov and Storm laundered the ill-begotten proceeds of the Lazarus Group, a cybercriminal enterprise with close links to the North Korean state. Recent years have seen the organisation repeatedly target crypto businesses, healthcare providers and IT vendors in its bid to accrue foreign currency for the rogue nation

Between April and May 2022, Tornado Cash is alleged to have laundered hundreds of millions of dollars for Lazarus. According to the indictment, Storm and Semenov implemented a change in the coin mixer’s services during this period so they could make a public announcement that they were compliant with sanctions. However, in private chats, the pair agreed that these changes would not serve any practical purpose in halting money laundering taking place on Tornado Cash. 

Storm and Semenov have each been charged with one count of conspiracy to commit money laundering and one count of conspiracy to violate the International Economic Emergency Powers Act, which each carry a maximum sentence of 20 years in prison. The pair have also been charged with conspiracy to operate an unlicensed money-transmitting business, which carries a maximum sentence of five years in prison.   

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

In a written statement, Storm’s lawyer and a partner with Waymaker LLP, Brian Klein, expressed his client’s frustration at the indictment in a written statement. The Justice Department’s decision to arrest his client, Klein wrote, rests on a “novel legal theory with dangerous implications for all software developers. Mr Storm has been cooperating with the prosecutors’ investigation since last year and disputes that he engaged in any criminal conduct. There is a lot more to this story that will come out at trial.” 

Tornado Cash is the second coin mixer shut down by US law enforcement this year. In March, US agencies paired up with their counterparts at Europol to take down the Vietnam-based ChipMixer organisation. According to the Department of Justice, ChipMixer’s founder Minh Quốc Nguyễn had laundered over $700m in funds stolen by North Korean hackers from crypto businesses Axie Infinity and Harmony, in addition to $17m in Bitcoin from transactions connected to 37 different strains of ransomware. 

Read more: Ransomware gang BlackCat posts watch company Seiko to its victim blog

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.