OFAC Sanctions Tornado Cash for Money Laundering


The Office of Foreign Asset Control (OFAC) has today – 8th August 2022 – added Tornado Cash’s website and related blockchain addresses to its Specially Designated Nationals (SDN) list in a statement.

“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks. Treasury will continue to aggressively pursue actions against mixers that launder virtual currency for criminals and those who assist them.” – Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson

The popular mixing service has long been utilised by cybercriminals to launder funds in multiple hacks that Coinfirm has publicly analysed such as the Vee Finance, DAO Maker, Impossible and Eleven Finance DeFi attacks.

The list of addresses – 45 in total, 7 duplicates – that have been sanctioned by OFAC today are listed below:

  • 0x8589427373D6D84E98730D7795D8f6f8731FDA16 (ETH)
  • 0x722122dF12D4e14e13Ac3b6895a86e84145b6967 (ETH)
  • 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384 (ETH)
  • 0xd90e2f925DA726b50C4Ed8D0Fb90Ad053324F31b (ETH)
  • 0xd96f2B1c14Db8458374d9Aca76E26c3D18364307 (ETH)
  • 0x4736dCf1b7A3d580672CcE6E7c65cd5cc9cFBa9D (ETH)
  • 0xD4B88Df4D29F5CedD6857912842cff3b20C8Cfa3 (ETH)
  • 0x910Cbd523D972eb0a6f4cAe4618aD62622b39DbF (ETH)
  • 0xA160cdAB225685dA1d56aa342Ad8841c3b53f291 (ETH)
  • 0xFD8610d20aA15b7B2E3Be39B396a1bC3516c7144 (ETH)
  • 0xF60dD140cFf0706bAE9Cd734Ac3ae76AD9eBC32A (ETH)
  • 0x22aaA7720ddd5388A3c0A3333430953C68f1849b (ETH)
  • 0xBA214C1c1928a32Bffe790263E38B4Af9bFCD659 (ETH)
  • 0xb1C8094B234DcE6e03f10a5b673c1d8C69739A00 (ETH)
  • 0x527653eA119F3E6a1F5BD18fbF4714081D7B31ce (ETH)
  • 0x58E8dCC13BE9780fC42E8723D8EaD4CF46943dF2 (ETH)
  • 0xD691F27f38B395864Ea86CfC7253969B409c362d (ETH)
  • 0xaEaaC358560e11f52454D997AAFF2c5731B6f8a6 (ETH)
  • 0x1356c899D8C9467C7f71C195612F8A395aBf2f0a (ETH)
  • 0xA60C772958a3eD56c1F15dD055bA37AC8e523a0D (ETH)
  • 0x169AD27A470D064DEDE56a2D3ff727986b15D52B (ETH)
  • 0x0836222F2B2B24A3F36f98668Ed8F0B38D1a872f (ETH)
  • 0xF67721A2D8F736E75a49FdD7FAd2e31D8676542a (ETH)
  • 0x9AD122c22B14202B4490eDAf288FDb3C7cb3ff5E (ETH)
  • 0x905b63Fff465B9fFBF41DeA908CEb12478ec7601 (ETH)
  • 0x07687e702b410Fa43f4cB4Af7FA097918ffD2730 (ETH)
  • 0x94A1B5CdB22c43faab4AbEb5c74999895464Ddaf (ETH)
  • 0xb541fc07bC7619fD4062A54d96268525cBC6FfEF (ETH)
  • 0x12D66f87A04A9E220743712cE6d9bB1B5616B8Fc (ETH)
  • 0x47CE0C6eD5B0Ce3d3A51fdb1C52DC66a7c3c2936 (ETH)
  • 0x23773E65ed146A459791799d01336DB287f25334 (ETH)
  • 0xD21be7248e0197Ee08E0c20D4a96DEBdaC3D20Af (ETH)
  • 0x610B717796ad172B316836AC95a2ffad065CeaB4 (ETH)
  • 0x178169B423a011fff22B9e3F3abeA13414dDD0F1 (ETH)
  • 0xbB93e510BbCD0B7beb5A853875f9eC60275CF498 (ETH)
  • 0x2717c5e28cf931547B621a5dddb772Ab6A35B701 (ETH)
  • 0x03893a7c7463AE47D46bc7f091665f1893656003 (ETH)
  • 0xCa0840578f57fE71599D29375e16783424023357 (ETH)
  • 0x58E8dCC13BE9780fC42E8723D8EaD4CF46943dF2 (ETH)
  • 0x8589427373D6D84E98730D7795D8f6f8731FDA16 (USDC)
  • 0x722122dF12D4e14e13Ac3b6895a86e84145b6967 (USDC)
  • 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384 (USDC)
  • 0xd90e2f925DA726b50C4Ed8D0Fb90Ad053324F31b (USDC)
  • 0xd96f2B1c14Db8458374d9Aca76E26c3D18364307 (USDC)
  • 0x4736dCf1b7A3d580672CcE6E7c65cd5cc9cFBa9D (USDC)

All of the addresses above have been attributed with the sanctioned owner risk flag in Coinfirm’s anti-money laundering database, meaning that all addresses that interact with these will inherit the risk and shall be further propagated tracing the flow of funds through our proprietary proximity algorithm.

For more references to the United States’ view on crypto mixers/tumblers and other anonymity techniques, read the 2022 National Money Laundering Risk Assessment or download it below.

The release from OFAC states that “As today’s action demonstrates, mixers should in general be considered as high-risk by virtual currency firms, which should only process transactions if they have appropriate controls in place to prevent mixers from being used to launder illicit proceeds.”

Coinfirm’s AML risk algorithms are able to see through mixers, Litecoin’s MimbleWimble, Bitcoin’s CoinJoin and more ‘anonymity’ techniques. In addition to the industry-leading AML Platform, Coinfirm has released the AML Oracle for DeFi entities to be in compliance with sanctions of crypto addresses.

Looking to comply with crypto AML compliance stipulations?

Contact Coinfirm or sign up/log in to the AML Platform to experience the most flexible crypto RegTech platform powered by more than 350 proprietary risk analysis algorithms.