New Report Shows Criminals Are Mixing Crypto Streams to Conceal Earnings

When crypto transactions remain transparent on the blockchain, how hard is it to conceal when digital currency is trading not so legally?

Well, at this point, how hard is it to launder your crypto? A new report indicates that online criminals are the main demographic using services that make crypto transactions less traceable. Mixers, AKA cups, are a tool that collects funds distributed by multiple users, then mixes them before asking each user to withdraw the original amount they contributed, minus a service fee.

A new report from crypto analytics firm Chainalysis released on Friday shows that by far the largest share of funds sent to mixers came from “illicit addresses”. Nearly 10% of all funds sent to mixers came from these alleged cybercriminals, compared to just under 0.3% of mixer usage among different addresses such as P2P exchanges and gaming platforms.

And it got worse this year. These illicit addresses accounted for 23% of all funds sent to mixers in 2022. These illicit funds came from sources such as scams, stolen funds, fraud stores and more. The report’s authors note that many of these services don’t require much customer identification. Several sanctioned entities like the Lazarus Group, a North Korea-linked team believed to be responsible for the $625 million ($868) Axie Infinity hack, accounted for 30% of all sanctioned entities that sent funds to mixers this year . The Russian darknet market Hydra accounted for more than 50% of funds sent to mixers. Hydra is known for its involvement in crypto theft, ransomware, and more.

The report noted that cybercriminals affiliated with North Korea were using mixers to try to conceal the most funds of any other group.

Of course, not everyone who uses mixers is inherently criminal, especially since transactions on the blockchain are public and, after much effort, traceable. People trying to hide their transactions from oppressive governments might find the extra privacy provided by anonymous mixers useful. It’s also important to note that mixers don’t work as well for criminals trying to launder larger funds, because inevitably some of the crypto a user puts into a mixer, if it’s more than d other users, will be part of the coins that they started with.

However, as Chainalysis notes, “data shows that mixers currently pose a significant money laundering risk, with 25% of funds coming from illicit addresses, and cybercriminals associated with hostile governments profiting from this.”

There are different types of mixers, but in short, those who use these services for illicit purposes prefer those that are not centralized enough to record who put in their coins and who took them out. The mixers themselves are considered “money transmitters” by the Financial Crimes Enforcement Network, the US agency that tracks financial crimes for the Treasury Department. The report highlights that some mixing services have been called out for illicit activity. Federal prosecutors have charged Bitcoin Fog with money laundering for allegedly operating an unlicensed transmission service on the darknet.

“We are not aware of any mixers that currently follow rules related to [Know Your Customer] processes, source of funds checks and other basic customer identification and due diligence regulations that [money service businesses] are submitted in most jurisdictions,” the report said.

Although the price of crypto remains well below its mid-2021 peak, the rate of crypto crimes has only increased. Web3 security firm CertiK’s second quarter report released on July 7 showed that the crypto scene lost more than US$2 billion ($3) from April to June, including US$870 million ($1,208 $) were due to hacks and exploits. The loss in the first half is greater than all of 2021 combined.

The security report notes that two of the most common attacks are flash loans and phishing scams carried out mainly on platforms such as Discord or Telegram, which do not have a Twitter-like “verified account” system.

And what does this offer for the rest of the year? CertiK’s report predicted a 223% increase in funds lost to attacks compared to last year. So I guess we’re all looking forward to that.