Crypto Mixing Services Indictment: Blender.IO and Sinbad.IO

On January 10, 2024, the DOJ unveiled an indictment against four Russian nationals, charging them with money laundering and operating unlicensed money transmission businesses. Its an interesting indictment that provides virtually no clue as to how the charged defendants are guilty of money laundering. In essence, it is guilt by association - tainted money went through the mixers, and therefore, the defendants are guilty of money laundering. This reminds me of the old Polyo string cheese commercial, where a kid orders a pizza and then proceeds to ask the chef to hold the sauce and the crust and all the toppings. The punchline is the kids wanted a “pizza with nuttin’”. This Indictment is “money laundering with 'nuttin,’” where the DOJ (with)holds all actual criminal allegations and instead presumes “knowledge” of the underlying frauds by the defendants. This is an indictment, but still … its fairly weak and should have been better pled.

Brief Summary of the Blender/Sinbad Indictment

The Indictment charges Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov with operating cryptocurrency mixing services, Blender.io and Sinbad.io, that allegedly facilitated the laundering of proceeds from illicit activities. According to the government, these services were specifically designed to obfuscate the origin and destination of funds, making them attractive tools for cybercriminals engaging in ransomware, wire fraud, and other illegal activities.

• The operators allegedly advertised Blender.io and Sinbad.io on cryptocurrency forums such as Bitcointalk.org, promoting the services as secure, anonymous, and easy to use - almost like every other crypto company.

• Posts on these forums emphasized features such as "No Logs Policies" and the ability to sever transactional links, which prosecutors argue demonstrate an intent to attract users seeking to engage in illegal activities.

Notable Transactions Highlighted

The indictment provides some detailed instances in an attempt to substantiate the allegations. As examples:

• Blender.io:

  • On November 2, 2021, a transfer of approximately 0.385 Bitcoin (equivalent to $24,000 at the time) was processed through Blender.io. These funds were allegedly tied to proceeds from ransomware attacks that involved intentional damage to protected computers and extortion.

  • The transaction was allegedly designed to conceal the origin of the funds by employing advanced obfuscation techniques such as splitting the amount across multiple destination addresses.

  • There are no allegations that any of the defendants were aware of this transaction or that they knew the origin of the money.

• Sinbad.io:

  • On June 4, 2023, a transfer of approximately 5.409 Bitcoin (valued at $147,136) was processed through Sinbad.io. The indictment alleges, with no real evidence, that these funds were tied to wire fraud and illegal transactions involving access device fraud.

  • Similar to Blender.io, the indictment alleges that Sinbad.io’s mixing services were used to obscure the flow of funds by implementing customizable time delays and routing mechanisms.

  • There are no allegations that any of the defendants were aware of this transaction or that they knew the origin of the money.

• Ransomware Connections:

  • The indictment highlights a pattern of transactions involving proceeds from ransomware payments, often facilitated by attackers leveraging the anonymity provided by both mixers.

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) had previously sanctioned Blender.io for laundering cryptocurrency linked to North Korean cybercriminal organizations. The sanctions also cited the mixer's involvement in laundering funds stolen through ransomware campaigns.

Charges

The allegations against the individual defendants (Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov) charge them with:

• Money Laundering Conspiracy (18 U.S.C. § 1956):

  • Allegedly using Blender.io and Sinbad.io to launder proceeds from illegal activities, including ransomware and wire fraud. Specifically, the underlying specified unlawful activities of the money laundering are: wire fraud, illegal transactions with an access device, intentional damage to a protected company and extortion.

  • Designing these services to obfuscate the origin and destination of funds.

• Operating Unlicensed Money Transmitting Businesses (18 U.S.C. § 1960) (Counts 2 and 3):

  • Accused of failing to register their money transmittal services of Blender.io as required by U.S. law (Count 2) and Services.io (Count 3).

Defenses to the Charges

Of course, we have no evidence yet, and the barebones Indictment provides virtually nothing to analyze. However, a brief read of the Indictment makes clear that the defendants have viable defenses, two of which are discussed below:

• The Indictment is devoid of allegations of “intent” to commit a crime:

  • Of course, the prosecution must prove that the operators knowingly facilitated money laundering and other crimes. This means that the government must not only show that they intentionally created the mixer to facilitate money transmissions, but that they operated the mixer knowing that it was being used to facilitate or disguise criminal activity. Here, the Indictment alleges virtually nothing to indicate that the defendants were aware of any underlying criminal activity. This is troubling.

  • The defense will argue that the mixers were designed for legitimate privacy purposes and that the operators did not know about the illicit activities of their users. Privacy is a big concern, even for crypto users. Crypto transactions are public, and once a person is connected to a Wallet, the entire universe will know how much money they have.

  • Proving intent al becomes more challenging if the operators had policies against illegal use or lacked visibility into the transactions processed through their platforms, which is almost certainly the case here.

  • Here, the Indictment really shows an overreliance on Forum Posts that do not prove criminal intent

    • Advertisements and forum posts may not conclusively prove criminal intent, especially if they emphasize privacy rather than illegality.

    • The government’s use of promotional materials will also be undermined if these materials are vague or were not directly created by the defendants

• Jurisdictional Issues and Extraterritoriality

  • There are few, if any, concrete allegations tying the underlying criminal activity to the United States. Although it is not yet fully settled, most jurisdictions have held that the federal wire fraud statutes are not extraterritorial, meaning that significant criminal activities must occur in the United States.

  • Extraterritorial application of U.S. law requires a showing that the alleged actions had a substantial impact on U.S. commerce or involved a sufficient nexus to the United States. For example, demonstrating the defendants knowingly targeted U.S.-based users or conducted business in the U.S. could be critical for the prosecution.

  • Wire fraud statutes under 18 U.S.C. § 1343 have been interpreted to apply extraterritorially when the fraud has substantial connections to the United States. For instance:

    • Use of U.S.-based communication systems: If fraudulent transactions involved U.S. financial institutions or servers, jurisdiction may be established.

    • Harm to U.S. victims: The prosecution may argue that wire fraud impacted U.S.-based entities or individuals, warranting extraterritorial application.

    • Intent to defraud within U.S. commerce: Evidence that the defendants sought to engage U.S.-based users or markets could strengthen the claim of jurisdiction.

  • For money laundering specifically, there is extraterritorial jurisdiction for violations of § 1956 if: (1) the transaction or series of related transactions exceeds $10,000; and (2) the laundering is by a United States citizen, or, if by a foreign national, the conduct occurs in part in the United States. See §  1956(f). There is extraterritorial jurisdiction for violations of §  1957 if the defendant is a United States person. See § 1957(d). Here, there are no concrete allegations that the conduct occurred in part in the United States.

  • In sum, the defense will argue that all the underlying criminal activity they engaged in had insufficient connections to U.S. commerce or that the transactions cited occurred entirely outside U.S. borders without any substantial effects domestically.

It is unclear why the Government drafted such a generic, unsupported Indictment. Is it because they have little evidence or is it because they felt a generic Indictment would be supplanted, down the road, with discovery. Who knows, but for now, the defendants may have the upper hand.

For expert legal advice, review our full page on money laundering, and contact the expert criminal defense attorneys at Dynamis LLP or email whitecollar@dynamisllp.com, today. We’re here to guide you through every step of your defense, whether its a charged crime of money laundering, crypto, or any other type of criminal activity.