The amount of cryptocurrency circulating in privacy-enhancing mixing services hit an all-time high this year, with funds from wallets belonging to government-sanctioned groups and criminal activity nearly doubling, researchers reported Thursday.
Mixers, also known as tumblers, obfuscate cryptocurrency transactions by creating a disconnect between the funds a user deposits and the funds the user withdraws. To do this, mixers combine the funds deposited by a large number of users and mix them randomly. Each user can withdraw the entire amount deposited, minus a cut for the mixer, but since the coins come from this confusing pool, it is more difficult for blockchain investigators to track precisely where the money went.
Significant risk of money laundering
Some mixers provide additional obfuscation by allowing users to withdraw funds of different amounts sent to different wallet addresses. Others attempt to completely conceal mixing activity by changing the fees on each transaction or changing the type of deposit address used.
Using the blender is not automatically illegal or unethical. Given how easy it is to track the flow of Bitcoin and some other types of cryptocurrency, there are legitimate privacy reasons why anyone might want to use one. But given the widespread use of cryptocurrency in online crime, mixers have become a go-to tool for criminals who want to withdraw money without getting caught by authorities.
“Mixers pose a tough question for regulators and members of the cryptocurrency community,” researchers at cryptocurrency analytics firm Chainalysis wrote in a report that linked the surge to increased volumes deposited. by sanctioned and criminal groups. “Virtually anyone would agree that financial privacy is valuable, and that in a vacuum, there’s no reason why services like mixers can’t provide it. However, data shows that mixers currently pose a significant money laundering risk, with 25% of funds coming from illicit addresses, and cybercriminals associated with hostile governments profiting from this.”
The cryptocurrency received by these mixers fluctuates widely from day to day, so researchers find it more useful to use longer-term measurements. The 30-day rolling average of funds received by mixers hit $51.8 million in mid-April, an all-time high, Chainalysis reported. The high water mark was almost double the inflow volumes at the same point last year. Additionally, illicit wallet addresses accounted for 23% of funds sent to mixers this year, up from 12% in 2021.
As shown in the chart below, the increases stem in part from higher volumes sent from addresses linked to illicit activity, such as ransomware attacks, cryptocurrency scams, and funds stolen by criminals. US government-sanctioned groups. To a lesser extent, volumes sent from centralized exchanges, DeFi or decentralized finance protocols, also drove the rise.
A breakdown of volumes tied to illicit sources shows that the spike is primarily driven by sanctioned entities – mostly of Russian and North Korean origin – followed by cryptocurrency thieves and fraudsters pushing investment scams in cryptocurrency.
The sanctioned entities are run by Hydra, a Russia-based dark web marketplace that serves as a haven for criminals to buy and sell services and products to each other. In April, the US Treasury Department sanctioned Hydra for thwarting the group’s efforts to liquidate their ill-gotten products. Two North Korean hacking groups, one known as Lazarus and the other known as Blender.io, accounted for most of the remaining volume of sanctioned groups.
Despite their usefulness, mixers suffer from a critical Achilles heel: large transactions make them inefficient, which means they operate less efficiently when people use them to deposit large amounts of cryptocurrency.
“Because users receive a ‘mix’ of funds contributed by others, if one user floods the mixer and contributes significantly more than the others, much of what they end up with will be made up of the funds they originated, making it possible to trace funds back to their original source,” Thursday’s report explained. “In other words, mixers work best when they have a large number of users, all of whom are mixing comparable amounts of cryptocurrency.”