In 2022, cryptocurrency money laundering reached a new record, with illicit addresses sending US$23.8 billion worth of crypto, a figure which represents a 68% year-on-year (YoY) increase, new data from Chainalysis, an American blockchain analysis firm, show.
Just under half of the funds sent from these addresses traveled directly to centralized exchanges, making these services the biggest recipients of illicit crypto, the report says.
Mainstream centralized crypto exchanges are critical services for money laundering, helping criminals turn their crypto into cash. This is despite being among the most heavily regulated crypto services, and being required to have compliance measures in place to report illegal activities and take action against the users in question.
An analysis of illicit fund transfers revealed that money laundering activity remained highly concentrated in 2022. A total of 915 unique crypto exchange services received illicit crypto last year, the lowest number Chainalysis has seen since 2012, the research found, yet, only five crypto exchanges managed to handle as much as 67.9% of all the illicit funds received by exchanges. The proportion represents an increased concentration compared to 2021, when the top five services received 56.7% of illicit funds.
The report highlights the different ways criminals use centralized exchanges to launder funds. First, some will just send the funds to an exchange where they have a personal account at and cash-out.
Others will work with specialized money laundering service providers who control the accounts and help them convert their crypto into cash once it hits the exchange. These businesses are nested services which are built on top of larger exchanges, using those platforms’ deposit addresses to access liquidity and trading pairs.
According to Chainalysis, a handful of nested services are responsible for the majority of crypto money laundering, with research revealing that four deposit addresses cracked US$100 million in illicit cryptocurrency received in 2022, and, combined, received over US$1 billion.
The report also highlights the rising usage of mixing services for illicit activity. A crypto mixer is a service that blends the cryptocurrencies of many users together to obscure the trail back to the fund’s original source.
Last year, mixers processed a total of US$7.8 billion, 24% of which came from illicit addresses. In comparison, in 2021, these services processed slightly more (US$11.5 billion) but only 10% of these funds came from illicit addresses.
According to Chainalysis, the vast majority of illicit value processed by mixers last year was made up of funds stolen by North Korea-linked hackers.
Though mixers can be used for legitimate reasons, including financial privacy, these services have become popular among criminals to money launder cryptocurrencies, prompting agencies like the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury to implement sanctions.
2022 saw OFAC issue its first-ever sanctions on crypto mixers, designating Blender.io and Tornado Cash for allegedly assisting North Korean hacking syndicate Lazarus Group in laundering stolen cryptocurrencies.
OFAC estimates that Blender.io has helped Lazarus launder over US$20.5 million in “illicit proceeds.” The agency also believes the platform has facilitated money laundering for Russian-linked malign ransomware groups including Trickbot, Conti, Ryuk, Sodinokibi and Ganbcrab.
Tornado Cash, a decentralized mixing service on the Ethereum blockchain, is alleged to have been used to launch more than US$7 billion worth of cryptocurrencies since the platform’s creation in 2019. This includes over US$455 million stolen by Lazarus. Tornado Cash is currently the only decentralized finance (DeFi) protocol to have been sanctioned by OFAC.
2022 was a record-breaking year for hacking, new data from Chainalysis show. A total of US$3.8 billion was stolen from crypto businesses, primarily from DeFi protocols (82.1%) where criminals exploited vulnerabilities found in cross-chain bridge protocols.
Cross-chain bridges are protocols that let user port digital assets and data from one blockchain to another. Their design and specificities vary but most protocols on the market work by “wrapping” tokens in a smart contract and issuing native assets to be used on the other blockchain.
Bridges are an attractive target for criminals because they essentially work as liquidity providers, collecting massive amount of funds and locking them into a central point of storage.
According to Chainalysis, North Korea-linked hackers have been the most prolific crypto hackers of the last few years. In 2022, they stole a record of US$1.7 billion worth of crypto across several hacks which some experts believe has been used to fund the country’s nuclear weapons programs.
Featured image credit: edited from Freepik
