While overall crypto laundering has decreased, sophisticated criminals like the Lazarus Group are transitioning from mixers to cross-chain bridges. Cryptocurrencies present a new frontier for money laundering, challenging traditional methods. Blockchain’s transparency exposes every transaction, yet criminals creatively seek to conceal their funds, aiming to convert illicit cryptocurrencies into fiat currency unnoticed.
The “2024 Crypto Crime Money Laundering Report” by Chainalysis highlights a significant shift in tactics, reflecting broader changes in digital financial crime. This analysis showcases criminals’ adaptability to technology and the ongoing struggle between illicit actors and regulatory efforts to combat money laundering in the digital era.
There’s a decline in cryptocurrency laundering.
New data from Chainalysis highlights a noteworthy change in cryptocurrency transactions associated with illegal activities in 2023. Illicit addresses transferred $22.2 billion to different services, marking a significant decrease from $31.5 billion in 2022. This reduction surpasses the overall decline in transaction volume, with money laundering activities dropping by 29.5% compared to a 14.9% decrease in total transaction volume. This difference implies that factors beyond mere transactional slowdowns contribute to the decrease in cryptocurrency laundering.
The cumulative amount of cryptocurrency laundered annually between 2019 and 2023.
The decrease in cryptocurrency laundering can be attributed to various factors, including the substantial impact of aggressive actions by U.S. authorities against crypto mixers. These services, renowned for mixing illicit funds to conceal their source, have encountered intensified prosecution, leading to a significant reduction in their operations within the laundering network.
There’s a decline in mixer activity.
The closure of Tornado Cash in August 2022 marked a pivotal moment for the crypto mixer sector, presaging subsequent crackdowns like the shutdown of Sinbad by U.S. authorities on November 29, 2023. These enforcement actions have greatly affected cryptocurrency launderers who rely on mixers to conceal the source of illegal funds. According to the Chainalysis report, there has been a significant drop in funds sent to mixers from illicit addresses, decreasing from $1.0 billion in 2022 to $504.3 million in 2023.
The aggregate illicit value transferred to mixers from 2019 to 2023.
Despite U.S. attempts to thwart cryptocurrency laundering and the shutdown of Sinbad, the Lazarus Group, a North Korean hacker collective linked to their government, has quickly adjusted. According to the report, since January 2024, the Lazarus Group has been receiving funds through YoMix.
Activity on YoMix increased fivefold in 2023, with approximately one-third of its inflows originating from wallets associated with cryptocurrency hacks. This Chainalysis data highlights the ongoing adaptability of cybercriminals in reaction to regulatory pressures.
The quarterly indexed increase in funds sent to YoMix in 2023.
While illicit services are shrinking, Chainalysis observes a transformation in the laundering terrain: a growing share of illicit cryptocurrency funds is funneling into decentralized finance (DeFi) protocols. The report highlights a surge in funds allocated to gambling services and bridge protocols, signaling evolving tactics among individuals aiming to conceal the source of illicit funds.
Cross-chain bridges are gaining popularity among cryptocurrency criminals.
Despite evolving tactics, crypto criminals persistently favor centralized exchanges (CEX) as a means to channel illicit funds, indicating a consistent preference in their laundering strategies.
The destination of funds exiting illicit wallets between 2019 and 2023.
Although the rise in illicit funds flowing through cross-chain bridges in 2023 may seem minor in comparison to centralized exchanges (CEX), examining the data in detail reveals a notable surge in their utilization for illicit transactions.
The overall illicit value transferred to bridges from 2019 to 2023.
Centralized exchanges (CEX) pose a risk for crypto criminals due to the potential for authorities or the exchanges themselves to freeze illicit funds. In contrast, decentralized protocols lack such controls, presenting fewer obstacles for criminals. However, on-chain analysts can still trace fund movements through DeFi protocols, albeit with greater difficulty than with centralized services. Chainalysis’s study reveals a growing trend: a rising volume of stolen funds is being funneled into cross-chain bridges, emerging as a new favored destination for illicit activities.
Shift in the utilization of money laundering services across different crime categories between 2022 and 2023.
Kim Grauer, Director of Research at Chainalysis, emphasized to Cointelegraph that Avalanche and THORChain are significantly utilized blockchains for illicit activities, based on their latest data. Crypto criminals increasingly exploit cross-chain bridges, facilitating fund transfers across diverse blockchains, to obfuscate their laundering endeavors. This tactic allows them to distribute illicit funds across a wider range of services and deposit addresses, complicating detection efforts by law enforcement and exchange compliance teams. Moreover, diversifying assets across multiple addresses aims to reduce risks linked to the freezing of any single address due to suspicious activities.
Can cross-chain bridges prevent engagement with illicit funds or the Lazarus Group as a client?
Operating via smart contracts, cross-chain bridges theoretically possess the ability to block funds from sanctioned entities like the Lazarus Group by implementing blacklists. Grauer clarified that this mechanism is not merely theoretical: The Office of Foreign Assets Control (OFAC) has already compiled a list of sanctioned wallet addresses, which crypto firms are leveraging to prevent these wallets from conducting transactions through their platforms. She stressed the importance for service providers to actively identify and deter potential illicit activities, including money laundering.
Furthermore, she proposed that bridge developers and operators could utilize blockchain analysis tools to identify and prevent misuse by illicit actors. Failing to adopt such preventive measures poses a risk, particularly for bridges frequently used by entities like the Lazarus Group. Should this trend persist, it may necessitate the implementation of stricter regulatory measures by bridges to avoid outcomes akin to those experienced by Sinbad or Tornado Cash.
