Criminals turn to cross-blockchain tools to hide billions in cryptocurrencies
Criminals are using complex new blockchain technologies to hide and launder billions in ill gotten gains.
At least $4bn (£3.6bn) worth of illicit crypto-assets has been laundered via various “cross-chain” technologies, that let both legitimate and illegitimate users move funds between blockchains, analytics firm Elliptic said.
Decentralised exchanges (DEXs), cross-chain bridges, and coin-swap services are being used for money laundering due to the extra levels of anonymity they provide.
The cross-chain technologies give hackers, sanctions avoiders, and cybercriminals new opportunities to fly under the radar of legacy blockchain analytics tools, which have traditionally only been able to trace transactions across one digital-asset at a time.
DEXs – decentralized peer-to-peer cryptocurrency marketplaces that let users buy and sell digital assets between themselves without oversight or intervention from a central authority – have been used to launder $1.2bn in funds, the report from Elliptic said.
A further $1.8bn in funds have been laundered through cross-chain bridges, or blockchain bridges, which use smart-contracts to allow for seamless transfers of cryptocurrencies, such as Bitcoin and Ethereum, between blockchains.
At the same time, coin-swap services, which let users exchange coins between themselves – often without any oversight or identification requirements – have also been used to obfuscate the origins of a further $1.2bn in illicit funds, the report says.
The use of various chain-hopping tools help to obfuscate transaction trails and hinder investigations.
In one case, North Korea’s state-backed Lazarus hacking group – which has previously been linked to a series of crypto-based heists – used two DEXs and a cross-chain bridge to hide $540m worth of funds, including 138,600 Eth.
The report notes that while “use of these services is overwhelmingly legitimate,” the lack of checks on these platforms means “criminal face little resistance when using them for malicious purposes”.