Tornado Cash used to be the number one mixing service in the crypto space. Whether you used it for privacy did not matter; it was a brilliant system. When it was first released, it wasn’t an issue. However, as time went on and cryptocurrencies became popular, the US government felt it was necessary to get a grip on the token system and force KYC. This left the founders with two options: close the service altogether or keep it up and hope to get away with it. They chose the latter, and now Roman Storm and Roman Semenov (the brains behind Tornado Cash) have received their sentencing. They’ve been accused of money laundering, sanctions violations, and more. For their crimes, each is looking at a maximum sentence of 20 years in prison.
What Was Tornado Cash
Tornado Cash was a Bitcoin-focused privacy service used to “Mix” Ethereum as a way to make it virtually untraceable. It wasn’t your ordinary cryptocurrency service, and with the promise of untraceability and anonymity, it attracted the wrong crowd. Roman Semenov, Roman Storm, and Alexey Pertsev were the developers behind this project.
We’ve covered Alexey Pertsev and his sentence previously.
When Tornado Cash, was initially released in December 2019, the service ran on the popular Ethereum Virtual Machine-compatible (EVM) network and helped users keep their open-ledger tokens private. By August 18, 2022, Tornado Cash had processed over $7.6 billion in ETH. It was also available on other networks, such as Binance Smart Chain, Polygon, and Optimism. This made it one of the most unique mixing services, as most only offer BTC mixing.
The basic idea behind mixing services is to jumble up your cryptocurrency with others’ funds to make it super difficult for anyone to track where your money is coming from or going. It is a way to beat the open ledger system on blockchain and make finding the original owner like finding a very well-disguised needle in a huge crypto haystack.
While some folks might have legitimate reasons to want more privacy for their transactions, criminals saw this as a golden opportunity. So they seized it. Cybercriminals from all walks of the digital underworld flocked to Tornado Cash, using it to wash all their dirty digital money and make it seem sparkling clean. As Attorney General Nicole M. Argentieri explained:
“Cryptocurrency mixers have become the go-to method for criminals to conceal their ill-gotten gains. As alleged, the defendants operated Tornado Cash as a safe haven for criminal actors to obfuscate the trail of funds tied to their criminal activities, such as computer hacking and wire fraud. The Criminal Division will continue to prioritize the investigation and prosecution of those who seek to criminally exploit the cryptocurrency ecosystem.”
Making it no wonder the US government set eyes on its founders for creating the service.
North Korea Hack
Sites were turned onto Tornado Cash when over $455 million believed to have been stolen in 2022 was processed through the platform. Wasn’t just an accomplice to any regular crime; it was rubbing shoulders with the big league of digital thieves.
The Lazarus Group, a North Korean gang known for their notorious hacking accomplishments and who are also officially sanctioned as a North Korean Cybercrime organization, allegedly used Tornado Cash to launder a hefty sum amounting to hundreds of millions of dollars, doing all of this using Tornado Cash’s mixing service.
This Lazarus Group has been linked to some major hacks and attacks, including the infamous WannaCry ransomware attack of May 2017, which affected more than 300,000 computers.
“As stated in the indictment, the defendants’ cryptocurrency service facilitated more than $1 billion in illicit transactions, and they knowingly allowed a globally sanctioned cybercrime group to launder hundreds of millions of dollars on behalf of the North Korean regime.”
Assistant Attorney General Matthew G. Olsen said:
Taking Down A Crypto Mixing Kingpin
According to the Indictment of Roman Storm and Roman Semenov paid decent sums of money to create critical infrastructure to operate the Tornado Cash service. They intentionally promoted the Tornado Cash service on the Darknet Markets and forums targeting fraudsters and criminals. It’s how they made millions of dollars in profits from operating the Tornado Cash service.
At first, Storm and Semenov chose not to implement know-your-customer or anti-money laundering programs as required by law. The pair were fully aware of money laundering transactions and received dozens of complaints/ requests for help from victims of hacking and other cybercrimes. But they flat out refused to implement any controls and continued to operate the Tornado Cash service and facilitate these money laundering transactions.
According to the indictment, there are records showing that as the ship tightened regarding KYC and AML, and sanctions-violating transactions, a change was needed publically. So in 2020, the pair implemented a front page change in the service. This allowed Tornado Cash to make a public announcement that they were compliant. However, private chats revealed that the claim of compliance held no substance. They agreed that this change would be ineffective.
While fully aware of the laws they were breaking, they knowingly turned a blind eye and kept the virtual laundromat running at full speed. While avoiding the necessary implementation of KYC and AML programs.
“Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering. While publicly claiming to offer a technically sophisticated privacy service, Storm and Semenov in fact knew that they were helping hackers and fraudsters conceal the fruits of their crimes. Today’s indictment is a reminder that money laundering through cryptocurrency transactions violates the law, and those who engage in such laundering will face prosecution.”
U.S. Attorney Damian Williams
The Hot Seat and the Great Escape
The DOJ arrested Tornado Cash co-founder Roman Storm in Washington DC. Roman Semenov is, however, a Russian citizen. Therefore, the OFAC-sanctioned Semenov (Semenov is currently a fugitive.) The pair were charged with the following offences:
- conspiring to engage in money laundering,
- conspiring to breach the International Economic Emergency Powers Act,
- and conspiring to operate an unlicensed money-transfer enterprise.
These charges were handed down after some investigations by the FBI and IRS-CI. Additionally, The Justice Department’s Office of International Affairs and the Joint Chiefs of Global Tax Enforcement provided assistance to them. Should the charges stand against them in court, the potential consequences are huge. The charges lodged against the duo are summed up in the following points:
- A conspiracy to commit money laundering: amounts to two decades behind bars
- Conspiracy to violate the International Economic Emergency Powers Act amounts to another twenty years in jail.
- And finally, conspiracy to operate unlicensed money-transmitting business: 5 years in prison.
Their involvement in the risky, high-stakes game of crypto mixing has catapulted them into a storm of problems where the stakes are as high as the skyscrapers they once occupied with style.
Hey there, I’m a dark web geek who’s been around for the last 8 years. More precisely, I’m livedarknet’s senior content writer who’s been writing about darknet marketplaces, tutorials, and cybersecurity stuff for educational purposes.