Sanctioned Crypto-Mixer Rebranded as Sinbad to Evade US Scrutiny, Used for North Korean Money Laundering
Elliptic, a blockchain analysis company, has revealed that a sanctioned cryptocurrency mixer previously known as Blender has resurfaced under a new name, Sinbad, in an attempt to avoid US sanctions. Sinbad has been implicated in cleaning digital money for North Korea, particularly in laundering funds from the $100 million Horizon heist.
Since its launch in October 2022, Sinbad has been reportedly involved in laundering tens of millions in stolen cryptocurrency for North Korea. Elliptic has identified several similarities between Blender and Sinbad, indicating a strong connection between the two entities:
- A Bitcoin wallet used for payments to Sinbad promoters received funds from the wallet of the Blender operator
- A service address on the Sinbad website received Bitcoin from a wallet linked to the Blender operator for testing purposes before the launch
- Early transactions on Sinbad, totaling around $22 million, originated from the suspected Blender operator’s wallet
- Both mixers utilize similar transaction characteristics and employ additional services to conceal transactions
- Common features include 10-digit mixer codes, guarantee letters signed by the service address, and a maximum seven-day transaction delay
- Similarities in website structure, language use, and naming conventions between Blender and Sinbad
Elliptic suggests that the rebranding of Blender to Sinbad may have been an attempt to evade sanctions or regain user trust following Blender’s closure and the disappearance of funds. The US Office of Foreign Assets Control (OFAC) could potentially impose further sanctions on Sinbad in response to these findings.
Blender, along with another crypto-mixer, Tornado Cash, played a role in laundering $475 million from North Korean threat actors involved in the Axie Infinity attack. These illicit funds are likely to support North Korea’s weapons and nuclear programs. According to Chainalysis, a record $3.8 billion was stolen from cryptocurrency firms in the past year, with $1.7 billion attributed to North Korean hackers.