ChipMixer Crypto Laundromat Shut Down by German, US Authorities
The cryptocurrency mixer known as ChipMixer has been the target of a joint investigation led by German and US authorities with support from Europol, Belgium, Poland and Switzerland.
Conducted on Wednesday, the anti-money laundering operation took down the ChipMixer infrastructure and seized four servers, 7 TB of data and 1,909.4 Bitcoins (approximately $47.3 million) in 55 transactions.
Most of the seized funds are said to have had connections with dark web markets, stolen crypto-assets, ransomware groups, illegal trade in goods and acquisition of material about the sexual exploitation of children.
“ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialized in mixing or cutting tracks related to virtual currency assets,” Europol explained in a blog post published on Wednesday.
According to the law enforcement agency, the software developed by the ChipMixer threat actors obscured the blockchain trail of the funds. Cybercriminals aiming to launder illicit proceeds used the infrastructure to turn deposited funds into “tokens” that were mixed and anonymized.
“At the end of the process, the ‘cleaned’ crypto can be easily exchanged into other cryptocurrencies or directly into FIAT currency via ATM or bank accounts,” Europol explained.
Because of these features, the agency also confirmed that several ransomware actors, including Zeppelin, SunCrypt, Mamba, Dharma, and Lockbit, have also exploited ChipMixer to launder ransoms they have received.
Read more about Lockbit here: LockBit dominates ransomware campaigns in 2022
“It’s always a good day when a crypto money launderer engaged in illegal activity is taken down,” commented Roger Grimes, data-driven defense evangelist at KnowBe4. “U.S. authorities and their allies have aggressively sought to shut down and sanction illegal mixers whenever they can.”
At the same time, the security expert said KnowBe4 noticed a slight increase in mixers relying on improved methods to hide identities and transaction volumes from the public blockchain.
“These efforts make it more difficult to follow the money,” Grimes added. “It remains to be seen whether criminals will move, en masse, to these harder-to-trace blockchains, or even whether these harder-to-trace blockchains really, long-term, are harder to trace.”
The ChipMixer takedown comes a couple of months after the US National Cryptocurrency Enforcement Team arrested a Russian national suspected of playing a key role in the now-dismantled Hydra dark web marketplace.