Sanctioned crypto mixer Blender relaunched as ‘Sinbad’:Report

Key Takeaways

• Elliptic states the way Sinbad mixer operates is identical to Blender because of “ten-digit mixer codes, guarantee letters signed by the service address, and a maximum seven-day transaction delay.”
• The firm alleges that Sinbad has laundered close to $100 million in BTC from hacks tied with Lazarus.

Blockchain analytics firm Elliptic states that the Blender-crypto mixer sanctioned last year was likely to be relaunched as Sinbad.

In its latest blog post, Elliptic notes that its Sinbad analysis hints that the new bitcoin mixer was likely a rebrand of Blender, adding that the way Sinbad mixer operates is identical to Blender owing to its “ten-digit mixer codes, guarantee letters signed by the service address, and a maximum seven-day transaction delay.”

The risk management firm further claims that before Sinbad was launched officially, its wallet received BTC from a wallet believed to be controlled by the operator of Blender. “The founders might have been testing the new service”, Elliptic speculates.

????️ Blender is back! Elliptic research found that a coin mixer sanctioned for helping Lazarus Group launder tens of millions of dollars is likely to have re-launched as Sinbad and has laundered close to $100m in Bitcoin from hacks attributed to Lazarushttps://t.co/qSUPwIgPpq

— elliptic (@elliptic) February 13, 2023

The firm also makes damning allegations that Sinbad has laundered close to $100 million in BTC from hacks attributed to Lazarus. North Korea-based Lazarus group has been behind several hacks in the crypto space, including the theft of $100 million worth of Ethereum stolen from Harmony Horizon in June 2022.

Elliptic claims that following U.S. regulators imposing sanctions on crypto mixers, including Blender, Lazarus hackers used Sinbad to launder some funds from the $100-million attack on Horizon Bridge in January 2022.

“Tens of millions of dollars from Horizon and other North Korea-linked hacks have been passed through Sinbad to date and continue to do so,” it alleges.

The firm suggests that the individuals behind Sinbad may have rebranded to “gain trust from users” following Blender closing its operations. It also suggests that the Office of Foreign Assets Control(OFAC) should consider ordering sanctions on the crypto mixer.

To date, OFAC has sanctioned two mixing service providers, including Blender.io in May 2022 and Tornado cash in August 2022.  

Last year, OFAC sanctioned Blender.io after U.S. Treasury Department allegations that the crypto mixer was used to launder proceeds from ransomware attacks and about $20.5 million in crypto stolen from Ronin.

In April 2022, Ronin – a sidechain that is connected to the main Ethereum blockchain, lost 173,600 ETH and 25.5 million USDC, worth $625 million at the time, and Lazarus group was allegedly responsible for the exploit.