Mixed activities for bitcoin and crypto will reach a new peak this year in 2022

• Cryptomixers have received funds from various channels such as centralized exchanges, DeFi protocols and illegal addresses.
• Russia’s largest darknet market Hydra accounted for 50 percent of all funds transferred to mixers, from sanctioned units.

Thefts in the crypto area have been on a sharp rise with attackers exploiting network protocols and stealing millions of dollars of user funds. As a result, Bitcoin and cryptocurrency mixing activities have also increased to reach all times this year in 2022.

On Thursday 14 July, the blockchain analysis company Chainlysis published a report explaining the state of increased use of cryptomixers. Some privacy advocates see cryptomixers as an important way to protect users’ identities. However, the chainalysis report shows that most of the crypto sent to the mixers comes from nation states and cybercriminals.

The increase comes specifically from an increased amount of crypto sent from centralized exchanges, DeFi protocols and illegal addresses. As the Chainalysis report notes:

However, the increase in illegal cryptocurrencies moving to mixers is more interesting. Illegal addresses make up 23% of the funds sent to mixers so far in 2022, up from 12% in 2021. In the diagram below, we examine the types of criminal activity the illegal actors are associated with.

Subject: Chainalysis

During the second quarter, there has been a large volume of funds transferred to mixers from addresses linked to sanctioned units. North Korea has recently been active behind the hacks in the crypto market. According to our previous report, North Korea’s Lazarus group was behind the use of the $ 100 million Harmony Protocol. The infamous nation state is said to have moved the stolen funds through the Tornado Cash mixer.

Lazarus Group and Russia’s Darknet Market Hydra

Earlier this year in 2022, the US Department of Justice announced that Russia’s largest darknet market Hydra seized $ 25 million in Bitcoins (BTC). According to Chainalysis, Hydra accounted for a staggering 50 percent of all funds that moved to mixers, and came from sanctioned entities.

Thus, drug sales were not the only reason behind the crackdown on Hydra. The US DoJ also noted that Hydra played a major role in laundering money from other darknesses. The chain light report further adds:

Given the oversized role that Russia plays in cybercrime, and the links some of these cybercrime groups have to Russian intelligence services, an increase in funds transferred from services such as Hydra to mixers could be significant from a national security standpoint.

The next major players using cryptomixers are North Korea’s Lazarus Group and Blender.io. So far in 2022, the Lazarus Group has stolen $ 1 billion worth of digital assets, mainly from DeFi protocols. On the other hand, Blender.io became the first mixer ever to be sanctioned this year for money laundering stolen by the Lazarus Group.

While the funds coming from Hyrda to cryptomixers fell during the second quarter of 2022, those coming from Lazarus Group have increased significantly.

Subject: Chainalysis

Cryptomixers are not completely illegal and also help provide financial privacy. The US Financial Crimes Enforcement Network (FinCEN) classifies mixers as money senders that require registration under the Bank Secrecy Act (BSA).