Dutch investigators said Friday they have arrested a suspected developer for Tornado Cash, a cryptocurrency service sanctioned by Washington for allegedly laundering funds stolen by North Korean hackers.
The 29-year-old was arrested in Amsterdam on Wednesday on and would appear before an investigating judge later Friday, the Dutch financial and fiscal crime investigation service (FIOD) said.
“We suspect a developer… of Tornado Cash of involvement in concealment and laundering of large-scale criminal money flows by mixing cryptocurrencies,” FIOD said on Twitter.
“Multiple arrests are not ruled out.”
The Dutch agency said it had been investigating Tornado Cash since June 2022 on suspicion of laundering at least $1 billion worth of criminally-obtained cryptocurrency, on a total turnover of $7 billion, it said.
“These included funds stolen through hacks by a group believed to be associated with North Korea,” it said.
The people behind the service had made “large scale profits” from these transactions, it said.
Tornado Cash is one of the leading mixers, also known as tumblers, which help people hide the movements of their crypto currencies like bitcoin and ethereum by blending them with the transfers by other users.
The US Treasury slapped sanctions on Tornado cash on Monday.
It said Tornado Cash was used to transfer and mask $455 million of the more than $600 million worth of ethereum virtual currency stolen in April from the Axie Infinity game via the Ronin Network.
That theft, which the Treasury called the largest known crypto heist to date, was carried out by North Korean state-backed hacking units known as the Lazarus Group and APT38, according to the FBI.
Tornado Cash had also been used to transfer at least $96 million of funds stolen in June from crypto exchange service Harmony Bridge, and another $7.8 million of the nearly $200 million in crypto currency hacked from Nomad, a similar service, the Treasury said.
Roman Semenov, the Russian founder of Tornado Cash, suggested in a Twitter statement on Monday that his company cannot screen who uses the service.