Blockchain security firm Chainalysis has identified a new trend by cyber criminals wherein they are using ‘crypto mixers’ to launder funds.
According to data researched by Chainalysis, the 30-day moving average of cryptocurrencies sent through crypto mixers had reached an all-time high of $51.8 million on April 19, 2022, and this figure is almost double that of last year’s figure for the same period.
Apart from this, other data researched by them has also revealed that “In fact, nearly 10 per cent of all funds sent from illicit addresses are sent to mixers — no other service type cracked a 0.3 per cent mixer sending share.”
Dileep Seinberg, founder and CEO, MuffinPay, a bill payment and utility crypto company, said that the entire crypto sector is still in its nascent stages, and so a deep understanding of the technology is needed in order to protect people from cybercrimes in this sector.
He says that there has been a spurt in cybercrimes in crypto lately, and many have fallen victim to them.
“There is no denial that illicit activities have surged rapidly over the years. It is time that the crypto projects, regulators and the community shun the hostility and move towards better financial security and data privacy. People and authorities should learn of others’ mistakes, too, and avoid falling prey,” he said.
Normally, when a user sends crypto from one wallet to another, it involves the receiver and the sender both knowing the wallet’s specific address. Although identifying someone from their crypto wallet address is next to impossible, the fund’s movement in that wallet can be tracked.
This is exactly what crypto mixers aim to eliminate – ‘tracking of funds’.
What these crypto mixers do is mix the digital crypto funds with other user’s funds, and then make multiple combinations and chain of transactions, and keep on doing that until the source and destination of the crypto transaction is lost in the haystack.
“The increase in illicit cryptocurrency moving to mixers is more interesting though. Illicit addresses account for 23 per cent of funds sent to mixers so far in 2022, up from 12 per cent in 2021,” the Chainalysis report said.
Incidentally, the crypto mixer services, such as Tornado Cash, Chipmixer, and others were made for those users who wanted a privacy-focussed crypto transfer solution, so that nobody could track what they were doing with their funds.
Chainalysis said they are actively working to bring out a security protocol which effectively diminishes the worthiness of crypto mixers, as well as reduces their value to cyber crypto criminals.
“Mixers may soon become obsolete, as Chainalysis continues to refine the ability to demix certain mixing transactions and see users’ original source of funds. But for the time being, our data shows that mixers are receiving more cryptocurrency than ever in 2022,” the report said.
According to the report, the following could be some of the reasons why criminals are using mixers to transfer their ill-gotten crypto funds.
Sanctions Against Russian And N. Korean Groups: Chainalysis researchers found out another trend, i.e., the volume and activity of funds sent via crypto mixers rose after the sanctions were imposed against Russia and North Korea.
“Funds sent to mixers by cybercriminal groups associated with Russia, and especially those associated with North Korea, have risen dramatically in 2021 and 2022,” the report said.
Chainalysis also found that the world’s largest Russian origin Dark Net marketplace, Hydra, which was shut down and sanctioned by the US law enforcement, and German federal police, accounted for close to 50.4 per cent of all funds moving to mixers from sanctioned entities this year.
Hydra facilitated and played an active role in laundering funds from other Dark Net markets, crypto thefts, ransomware attack gains, sale of stolen data, and cyberattacks, among others.
“Given the outsized role that Russia plays in cybercrime, and the connections some of these cybercriminal groups have to Russian intelligence services, an increase in funds moving from services like Hydra to mixers could be significant from a national security standpoint,” the Chainalysis report said.
Apart from Hydra (50.4 per cent), Lazarus group (associated with the North Korean government) formed 30 per cent, while Blender.io formed 18.8 per cent, and the others the rest 0.8 per cent.
“Lazarus Group is a cybercrime syndicate responsible for several cryptocurrency hacks on behalf of the North Korean government. Already in 2022, hackers associated with the North Korean government are believed to have stolen over $1 billion worth of cryptocurrency, mostly from DeFi protocols,” Chainalysis said in the report.
Decentralised Finance (DeFi): Chainalysis said the DeFi protocols, and most notably, addresses connected to illicit activity have risen not just in terms of value sent to mixers, but also in terms of the share of all volume sent to mixers.”
