Back

Blockworks: Netherlands Arrests Suspected Tornado Cash Dev Days After US Sanctions

On August 12, NetSPI Chief Technology Officer Travis Hoyt was featured in the Blockworks article called Netherlands Arrests Suspected Tornado Cash Dev Days After US Sanctions. Read the preview below or view it online.

+++

Dutch financial crimes agency FIOD arrested a 29-year-old developer in Amsterdam on Wednesday over suspected involvement in laundering money through crypto mixer Tornado Cash.

FIOD said a team began probing Tornado Cash in June. The investigation is led by the Public Prosecutor’s office.

“Multiple arrests are not ruled out,” the Fiscal Information and Investigation Service said in a statement, adding that the male suspect had been brought before a judge.

Earlier this week, the US Treasury sanctioned Tornado Cash addresses over allegations it laundered $7 billion worth of digital assets since it launched in 2019. That figure matches the total value of funds sent through Tornado Cash since its launch in February last year, per a Dune Analytics dashboard.

The platform’s web interface quickly went dark after major Ethereum node provider Infura pulled the plug, with its website is now offline. Code repository GitHub also shut down Tornado Cash’s account. Tornado Cash’s native token, TORN, has collapsed 40% since the sanctions were revealed, per CoinGecko.

“The online service [Tornado Cash] makes it possible to conceal the origin or destination of cryptocurrencies,” FIOD said. “The (criminal) origin of the cryptocurrencies is often not or hardly checked by such mixing services. Users of a mixing service mostly do this to increase their anonymity.”

Circle enforces Tornado Cash sanctions, leaving DeFi exposed

Tornado Cash’s protocol and its user interface are open source, meaning that anyone can contribute to its code. The Ethereum-powered project pitches itself as privacy-preserving, allowing users to commingle cryptocurrency inside smart contracts.

Once digital assets are withdrawn from Tornado Cash — depending on how long they spent in the mixing pool — their financial provenance should be too murky for onlookers to track, the idea goes.

Benign use cases for Tornado Cash exist. Following the US sanctions, Ethereum co-founder Vitalik Buterin, who was born in Russia, tweeted he’d used the to donate privately to pro-Ukraine outfits.

US authorities, alongside blockchain analytics units such as Chainalysis, believe the protocol a favorite among North Korean hacker unit Lazarus Group, which has allegedly used it to wash troves of crypto stolen in various hacking incidents, such as the Axie Infinite and Harmony attacks.

But enforcing the US’ Tornado Cash sanctions may prove challenging. In an apparent act of defiance, one anonymous user recently sent small amounts of ether via the protocol to celebrities with known blockchain addresses, including Shaquille O’Neal and Jimmy Fallon.

Banning the wallets and open source repositories might send a signal, but doesn’t eliminate the capability, according to Travis Hoyt, NetSPI’s chief technology officer. He believes more bullet-proof solutions could emerge.

“The sanctions also highlight that the extent to which this can be enforced is limited by the reach of US law, and with the global and decentralized nature of the cryptocurrency space, there may still be plenty of additional avenues for criminals to pursue their goals that are out of reach,” Hoyt said.

You can read the full article at Blockworks!

NetSPI acquires nVisium, bringing top penetration testing talent together.

X