Getty Images
While cryptocurrency deposited into mixers reached all-time highs in 2022, Chainalysis estimated their use could soon come to a halt.
In a blog post Thursday, the cryptocurrency analytics vendor shared factors that led to the significant spike, including increased volumes being sent to centralized exchanges and decentralized finance (DeFi) protocols, as well as illicit addresses that accounted for the highest amount. However, due to better tracking capabilities and increased law enforcement efforts, Chainalysis predicted threat actors may soon choose alternative methods to obfuscate illegal funds.
Chainalysis emphasized that while mixers and tumblers are a “go-to-tool” for cybercriminals looking for financial anonymity and a way to hide their money trail, legitimate uses remain for such services. Illegal and legal uses both contributed to a stark uptick in April.
“While value received by mixers fluctuates significantly day-to-day, the 30-day moving average reached an all-time high of $51.8 million worth of cryptocurrency on April 19, 2022, roughly doubling incoming volumes at the same point in 2021,” the blog post read.
The peak was followed by a steep decline in May and June, which Chainalysis attributed to better tracking. Kim Grauer, director of research at Chainalysis, said it also correlates with attacks.
“The volatility is because mixer usage is correlated with hacking activity, and hacks are rather distinct events that aren’t consistent over time. In other words, surges in usage correspond with hacks,” Grauer said in an email to SearchSecurity.
In April, threat actors breached email marketing platform Mailchimp to target cryptocurrency companies with a phishing campaign. Later that month, DeFi platform Beanstalk Farms was drained of over $180 million in cryptocurrency assets; Beanstalk Farms is just one of several cryptocurrency and DeFi platforms that have lost funds to threat actors this year.
Additionally, REvil resumed ransomware operations in April and not only breached Oil India, a natural resources company, but also leaked its data — a method used to shame companies into paying a ransom. Threat actors expect ransoms to be paid in cryptocurrency.
While May and June saw less action, Chainalysis said mixer usage remains close to all-time highs in 2022. Though the blockchain platform said the increase coincided with the growing popularity of DeFi platforms at the time, more notable was the increase in illicit cryptocurrency moving to mixers.
Illicit addresses accounted for 23% of funds sent to mixers, up from 12% in 2021, according to the blog. Those addresses included ransomware, stolen funds, scams, dark web markets, cybercriminal administrators and sanctioned entities.
“What stands out most is the huge volume of funds moving to mixers from addresses associated with sanctioned entities, especially in Q2 of 2022,” the blog read.
The shutdown of the largest cybercrime marketplace on the dark web, Hydra, which was sanctioned by the Office of Foreign Assets Control (OFAC) in April, accounted for 50% of all funds moving from mixers to sanctioned entities, according to Chainalysis. The Russian-language marketplace played a significant role in laundering funds from cryptocurrency thefts and ransomware attacks.
North Korean state-backed entities Lazarus and Blender.io. received nearly all the remaining funds. The Lazarus group is known for high-profile attacks such as WannaCry ransomware attacks and, more recently, the breach of Axie Infinity developer Sky Mavis, where the group stole $600 million in cryptocurrency. After investigators discovered the money was laundered through Blender.io., OFAC issued sanctions against the cryptocurrency mixer.
“Overall, if we label cybercrime organizations with known nation state affiliations, we can see that these groups make up a significant and growing share of illicit cryptocurrency sent to mixers,” the blog read.
Despite the massive peak in mixer activity in 2022, Chainalysis noted in the blog that mixers may soon become obsolete. As tracking improves, leading law enforcement to the original source of the funds, actors may be forced to pivot to other avenues.
“It’s not certain that mixers will become obsolete,” Grauer said. “But the combination of demixing capabilities with law enforcement and regulatory developments may lead to them falling out of favor.”
Juniper has added three features to its AIOps networking assistant to improve troubleshooting and give more insights into the …
A Florida man has been charged with running a counterfeit operation that duped hospitals, schools, government agencies and the …
Vendors are pushing heavily on the benefits of predictive analysis to automatically identify and remediate network issues. But …
The credit union, one of the nation’s largest, is using the Salesforce platform to deploy chatbots that can handle a growing set …
The pandemic has sent many enterprises into survival mode, which altered the scope of the enterprise architect’s role once again,…
Bellabeat is a women’s health company that has added a private key encryption feature for app users to better protect their data.
PC manufacturers shipped fewer than 80 million computers for the first time in seven quarters as low demand and supply chain …
The PC-as-a-service and device-as-a-service market is still developing and maturing, so organizations should learn who the major …
When organizations consider upgrading to Windows 11, they need to compare the Windows 11 system requirements to their existing …
SaaS licensing can be tricky to navigate, and a wrong choice could cost you. To get it right, examine the different types of …
Walmart built its own cloud platform and tied it to two public cloud providers, creating a multi-cloud architecture that saved …
FinOps promises to help organizations gain more value from their technology spending, especially in the cloud. Do you have the …
Integrated cloud communications platform provider announces availability of communications management service in bid to allow …
Altnet connects more than six-digit amount of new-build homes to its full-fibre network in UK and announces agreements to connect…
A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance …
All Rights Reserved, Copyright 2000 – 2022, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info
