Court closes Tornado Cash sanctions case ahead of co-founder’s trial

2025/07/08 17:19

A years-long legal battle between crypto policy group Coin Center and the US Treasury Department over the sanctioning of crypto mixer Tornado Cash has officially come to an end.

In a June 7 post on X, Coin Center director Peter Van Valkenburgh announced that the legal fight over the Treasury’s authority to sanction Tornado Cash has come to an end. His post came after the Eleventh Circuit Court of Appeals officially dismissed the case, per recent filings.

“This is the official end to our court battle over the statutory authority behind the TC sanctions. The government was not interested in moving forward and defending their dangerously overbroad interpretation of sanctions laws,” he wrote.

The dismissal follows a series of earlier rulings, including a November 2023 decision in which a district court rejected Coin Center’s argument that the sanctions violated First Amendment rights, ruling that the Treasury’s Office of Foreign Assets Control (OFAC) had acted within its authority when it sanctioned Tornado Cash.

OFAC sanctioned Tornado Cash back in 2022, claiming the platform aided illegal financial activities, including the laundering of millions by the infamous North Korea-linked hacker group Lazarus. 

But earlier this year, a different Texas court ordered OFAC to lift the sanctions, and the government chose not to appeal that decision. As a result, the Eleventh Circuit Court of Appeals said the case no longer needed to continue.

“The government’s view is that OFAC’s rescission of the designation moots this appeal. Plaintiffs’ view is that this appeal will become moot after the Texas judgment becomes final and unappealable,” the court said.

Still, Tornado Cash’s legal troubles are far from over. Roman Storm, who was indicted by the US Department of Justice over similar allegations of facilitating illicit financial activities, is set to stand trial next week. Storm has consistently maintained his innocence, stating that neither he nor his co-founders knowingly enabled criminal activity through the platform.

Fellow Tornado Cash co-founder Alexey Pertsev was convicted in May 2024 on similar charges and sentenced to 64 months in prison. He was recently released but remains electronically monitored on house arrest. Meanwhile, the third developer involved in the creation of the platform, Roman Semenov, also named in the DOJ indictment, remains at large and has evaded authorities since the initial crackdown.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

The Smarter Web Company, a listed company, increased its holdings of 275 bitcoins, bringing its total holdings to 1,275 bitcoins

The Smarter Web Company, a listed company, increased its holdings of 275 bitcoins, bringing its total holdings to 1,275 bitcoins

PANews reported on July 11 that according to an official announcement, the British listed company The Smarter Web Company announced an increase of 275 bitcoins, and the company's total bitcoin
Share
PANews2025/07/11 14:04
Crypto-Stealing Malware Surges as Scammers Impersonate AI, Web3 Startups — Here’s the Catch

Crypto-Stealing Malware Surges as Scammers Impersonate AI, Web3 Startups — Here’s the Catch

A new wave of sophisticated crypto-stealing malware is spreading across the internet as scammers create fake AI, gaming, and Web3 startups to lure victims into downloading malicious software. Cybersecurity firm Darktrace has raised the alarm, detailing how these campaigns operate through elaborate social engineering tactics that exploit trust in digital startups. Attackers are setting up fake companies with convincing websites, social media profiles, GitHub repositories, white papers, and even fake team pages on platforms like Notion. Many of the sites also appear to be linked to verified or compromised X (formerly Twitter) accounts to appear more legitimate. The fake accounts often post software updates, blog content, and product announcements to maintain the illusion of authenticity. “Threat actors are going to great lengths to make these fake startups look real,” the firm stated, adding that the scam has already impacted users globally. Victims are often contacted directly on platforms like X, Telegram, or Discord, with the impersonators presenting themselves as employees of the fake firms, offering cryptocurrency in exchange for testing their software. Users are then given a registration code and directed to download malware-infected applications from professional-looking websites. Source: Darktrace Darktrace Warns of Advanced Malware Campaign Targeting Crypto Users One of the identified schemes involved a fake blockchain game called “Eternal Decay,” which used altered images to claim conference participation and listed fake investors. Gameplay images were also lifted from another game called “Zombie Within.” Other noted fake startups include names like Pollens AI, Swox, and Buzzu, with nearly identical branding and codebases. MY WALLET GOT DRAINED LAST NIGHT 💔 This is not a stunt or a click bait but legit, I got scammed yesterday of 0.4Sol (130,000naira) and here is how it happened. It cost me 0.4 sol in loss to learn this and I don’t want anyone to fall victim to this so please repost for more… pic.twitter.com/x5h7yGjlan — Prymex.eth (@EmekaOghali) May 30, 2025 According to Darktrace, the malware, targeting both Windows and macOS users, is capable of stealing crypto wallet credentials and personal information, using tools like the Realst and Atomic Stealer malware families. Darktrace technical analysis shows that on Windows, the attackers use Electron-based apps to perform system profiling, download malicious files, and execute them quietly. Source: Darktrace On macOS, a disguised DMG file installs the Atomic Stealer , which collects browser data, wallet credentials, and other sensitive files before sending them to attacker-controlled servers. Source: Darktrace Darktrace noted that the malware includes advanced evasion techniques, such as stolen software signing certificates, obfuscation, and persistent background execution to avoid detection. “This is one of the more elaborate and persistent social engineering campaigns we’ve seen targeting the crypto space,” said a Darktrace researcher familiar with the investigation. “They’re building out fake companies with all the digital trimmings — even fake merchandise stores and doctored company registrations — just to get users to download malware,” they added. Notably, Darktrace believes the tactics resemble those previously linked to a malware group known as “CrazyEvil,” identified by Recorded Future earlier this year. That group was known for targeting crypto users and developers through fake projects and social engineering techniques. While it’s unclear whether CrazyEvil is directly responsible for this campaign, the tactics appear consistent. Darktrace warned that the threat actors are using newer variants of malware and more elaborate deception methods to lure victims. Malware Campaigns and Credential Breaches Fuel 2025 Crypto Crime Surge The rise in crypto-targeted scams hasn’t slowed down, and now, a wave of highly coordinated malware and credential breaches is pushing 2025 toward record-breaking crypto losses. According to Kaspersky’s Financial Cyberthreats report , crypto phishing detections have surged 83.4% year-over-year, while mobile banking Trojan attacks have increased 3.6x. In contrast, traditional banking malware has declined, indicating a shift in attacker priorities from fiat systems to crypto wallets. One of the most alarming developments is “SparkKitty,” a sophisticated mobile malware strain active since February 2024. Notably, the tool, which was disguised as TikTok mods or crypto apps, has infiltrated Google Play and the App Store, bypassing security checks to steal seed phrases stored in user photo galleries . 🕸️ @kaspersky discovers SparkKitty malware stealing crypto seed phrase screenshots from iOS and Android using OCR technology after successfully infiltrating official app stores. #Malware #Crypto https://t.co/2oMOhyN1g3 — Cryptonews.com (@cryptonews) June 24, 2025 SparkKitty, an evolution of the earlier SparkCat campaign, uses OCR technology to scan screenshots of wallet credentials from infected devices. Meanwhile, in May, cybersecurity analysts traced malware back to Procolored , a Chinese printer manufacturer. The printer’s official drivers carried a crypto-stealing remote access trojan, replacing copied wallet addresses with those of attackers. ‼️ ALERT: Chinese printer firm Procolored shipped malware in official drivers. Over 9.3 BTC stolen. Company blames USB error. #CyberSecurity #Bitcoin #Procolored https://t.co/Wb9q7DXL4X — Cryptonews.com (@cryptonews) May 19, 2025 The scheme went undetected for six months, resulting in the theft of 9.3 BTC, worth nearly $1 million. Adding to the threat, a massive data breach uncovered by Cybernews revealed over 16 billion login credentials , many collected via infostealer malware. The breach included sensitive access data from platforms like Telegram, GitHub, and Apple, escalating risks for crypto users managing assets online. Combined with CertiK’s estimate of $2.2 billion lost to crypto attacks in H1 2025 , these incidents indicate the growing sophistication of cybercrime targeting digital assets.
Share
CryptoNews2025/07/11 19:27