Tornado Cash developers Roman Semenov and Roman Storm have been charged with three counts of conspiracy in an indictment unsealed today. While Storm has been taken into custody, Semenov remains at large, as stated by the Southern District of New York.
Tornado Cash is a cryptocurrency “mixer,” a privacy service designed to obscure the ownership trail of cryptocurrency transactions.
According to U.S. Attorney Damian Williams, the mixer “knowingly violated” U.S. sanctions and “laundered more than $1 billion in criminal proceeds.”
Williams noted that despite publicly presenting Tornado Cash as a sophisticated privacy service, Semenov and Storm were aware that they were assisting hackers and fraudsters in concealing the proceeds of their crimes.
The charges against the developers include conspiracy to commit money laundering, conspiracy to violate sanctions, and conspiracy to operate an unlicensed money transmission business.
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash last year, and today, OFAC also specifically sanctioned Semenov. A third co-founder, Alexey Pertsev, will face trial in the Netherlands and is not mentioned in the indictment.
The indictment accuses Tornado Cash of being used by North Korea’s Lazarus Group to launder hundreds of millions of dollars. Experts have noted that mixers like Tornado Cash are frequently used to launder funds from ransomware activities.
Privacy concerns in cryptocurrency extend beyond criminal use, as once a wallet is linked to an identity, all transactions can be traced.
This drives the demand for privacy tools among users who are not engaged in illegal activities.
However, Tornado Cash was allegedly used by North Korean hackers to launder $615 million in stolen tokens from the Ronin Network.
The indictment claims that Tornado Cash operated without implementing required know-your-customer (KYC) or anti-money laundering (AML) programs under U.S. law and did not register with FinCEN as a money-transmitting business.
Additionally, Semenov and Storm created a guide titled “Tips to Remain Anonymous,” advising users to use Tor or a VPN, clear their web browsers, and keep funds in Tornado longer to enhance transaction anonymity. They also suggested using different IP addresses for depositing and withdrawing funds.
Storm proposed creating a version of Tornado with KYC and AML compliance, but the venture capital investors involved were dismissive. One investor commented, “I just don’t know if anyone will actually want this,” adding, “It would be unlikely as a fund that we’d use a ‘compliant mixer.’”
The indictment references two other incidents in addition to the Ronin hack—one in 2020 and another in 2021—which appear to correspond with the KuCoin hack in 2020 and the BitMart hack in 2021, as reported by CoinDesk.
The indictment states that despite knowing Tornado Cash was being used to launder criminal proceeds, and that significant amounts of ETH in Tornado Cash pools represented criminal proceeds commingled with other customer deposits, the developers took no steps to implement effective AML or KYC programs.
Instead, they allegedly enhanced anonymity to profit from the volume of transactions processed.
