Cryptomixers laundered millions for Russian, North Korean cyberhackers: Chainalysis report

Blockchain security firm Chainalysis has identified a new trend of cybercriminals using “cryptomixers” to launder funds.

According to data examined by Chainalysis, the 30-day moving average of cryptocurrency sent through crypto mixers reached an all-time high of $51.8 million on April 19, 2022, almost double the figure for the same period last year.

Other data examined by the firm also showed: “In fact, almost 10 percent of all funds sent from illegal addresses are sent to mixers – no other service type cracked a 0.3 percent mixer sending share.”

Dileep Seinberg, Founder and CEO, MuffinPay, a bill payment and utility crypto company, said that the entire crypto sector is still in its nascent stage, hence a deep understanding of the technology is needed to protect people from cybercrime in this sector.

He says that there has been a surge in cybercrime in crypto lately, and many have fallen victim to it.

“There is no denying that illegal activities have increased rapidly over the years. It is time for the crypto projects, regulators and society to shun the hostility and move towards better financial security and privacy. People and governments should also learn from the mistakes of others, and avoid becoming prey,” he said.

What is a cryptomixer?

Normally, when a user sends crypto from one wallet to another, both the sender and the recipient know the specific wallet addresses involved. Although it is almost impossible to identify someone from their crypto wallet address, the movement of funds in that wallet can be tracked.

This is exactly what cryptomixers aim to eliminate – “tracking of funds”.

Crypto mixers mix a user's crypto funds with other users’ funds, then create multiple combinations and chains of transactions, and continue to do so until the source and destination of the crypto transaction are lost in the haystack.

“More interesting, however, is the increase in illegal cryptocurrency moving to mixers. Illegal addresses account for 23 percent of funds sent to mixers so far in 2022, up from 12 percent in 2021,” the Chainalysis report said.

Crypto mixer services such as Tornado Cash, ChipMixer and others were created for users who wanted a privacy-focused crypto transfer solution, so that no one could track what they did with their money.

Why do criminals use cryptomixers?

Chainalysis said it is actively working to bring out a security protocol that effectively reduces the value of cryptomixers to cybercriminals.

“Mixers may soon become obsolete, as Chainalysis continues to refine the ability to demix certain mixing transactions and see users’ original source of funds. But for now, our data shows that mixers are receiving more cryptocurrency than ever in 2022,” the report said.

According to the report, the following could be some of the reasons why criminals use mixers to transfer their ill-gotten crypto funds.

Sanctions against Russian and North Korean groups: Chainalysis researchers found another trend: the volume and activity of funds sent via cryptomixers increased after sanctions were imposed on Russia and North Korea.

“Money sent to mixers by cybercriminal groups linked to Russia, and especially those linked to North Korea, has increased dramatically in 2021 and 2022,” the report said.

Chainalysis also found that the world’s largest Dark Net marketplace of Russian origin, Hydra, which was shut down and sanctioned by US law enforcement and the German Federal Police, accounted for close to 50.4 percent of all funds moved to mixers from sanctioned entities this year.

Hydra facilitated and played an active role in the laundering of funds from other Dark Net markets, crypto-thefts, ransomware proceeds, the sale of stolen data, and cyber-attacks, among others.

“Given the outsized role Russia plays in cybercrime, and the connections some of these cybercriminal groups have to Russian intelligence services, an increase in funds moving from services like Hydra to mixers could be significant from a national security standpoint,” the Chainalysis report said.

Apart from Hydra (50.4 percent), the Lazarus group (linked to the North Korean government) accounted for 30 percent, while Blender.io accounted for 18.8 percent, and the others the remaining 0.8 percent.

“The Lazarus Group is a cybercrime syndicate responsible for multiple cryptocurrency hacks on behalf of the North Korean government. As early as 2022, hackers linked to the North Korean government are believed to have stolen over $1 billion worth of cryptocurrency, mostly from DeFi protocols,” Chainalysis said in the report.

Decentralized Finance (DeFi): Chainalysis said that DeFi protocols and, most notably, addresses associated with illegal activity have risen not only in terms of value sent to mixers, but also in terms of their share of all volume sent to mixers.
