While privacy advocates all cryptocurrency mixers as an important way to protect individual users’ identities, a new report from blockchain intelligence firm Chainalysis says that the largest portion of crypto sent to mixers this year has been from cybercriminals and nation states.
“Illicit addresses account for 23% of funds sent to mixers so far in 2022, up from 12% in 2021,” Chainalysis reports.
The firm acknowledges that there are many legitimate reasons to use mixers, such as trading crypto under an oppressive government or anonymizing legal but sensitive transactions.
“However, mixers’ core functionality, combined with the fact that they rarely, if ever, ask for KYC [Know Your Customer] information, makes them naturally attractive to cybercriminals,” Chainalysis writes.
The tracking firm also says that mixers have received more cryptocurrency in 2022 than ever before.
Cryptocurrency mixers are services that allow users to erase the digital money trail left by most transactions on blockchain networks like Bitcoin and Ethereum. These services make it harder to follow the trail that would be publicly and easily accessible on the blockchain.
As the name implies, mixers—also known as tumblers—pool together cryptocurrency deposited by many users and mix them. Users then receive funds from the obfuscated pool equivalent to what they put in, minus fees.
According to Chainalysis, mixers are classified as money transmitters in the United States under the Bank Secrecy Act (BSA). Money transmitters are required to register with FinCEN and implement an anti-money laundering program. Even so, the firm says it is unaware of any mixers currently following rules related to KYC or AML (Anti-Money Laundering) policies.
US authorities have charged, sanctioned, and fined several mixer operators since 2021.
In August 2021, Larry Harmon, CEO of Bitcoin mixer Helixpleaded guilty to money laundering fillers for allegedly laundering 354,468 Bitcoin, around $300 million at the time. Harmon, who also operated the Coin Ninja mixing service, was found $60 million.
In April, the US Justice Department announced that it had cooperated with German law enforcement to sixteen Russian darknet site Hydra‘s servers and sanctioned the site.
In May, The US Treasury Department’s Office of Foreign Assets Control issued sanctions against a cryptocurrency mixing service, Bender.iowith links to North Korea, in what the Treasury calls a first-of-its-kind stock. According to the agency, at least $21 million of the $622 million stolen in the Axie Infinity Ronin bridge hack was sent to Blender.
Last month, cybercriminals sent $36 million in stolen Ethereum from Harmony Protocol’s Sky bridge to the Tornado Cash mixing service. That same month, Chainalysis launched a 24-hour incident response program to assist those targeted by hackers and ransomware.
Chainalysis says the funds going to mixers comes primarily from centralized exchanges, DeFi protocols, and addresses connected to illicit activity linked to sanctioned countries, darknet markets, and hackers, such as the North Korean Lazarus Group.
But mixers may soon become obsolete—or so Chainalysis claims, as the firm “continues to refine” its ability to de-mix certain transactions and see the original source of funds.
Want to be a crypto expert? Get the best of Decrypt straight to your inbox.
Get the biggest crypto news stories + weekly roundups and more!
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.