How hackers and cybercriminals launder crypto money


In the cryptosphere, no month goes by without a few large-scale hacks on smart contracts or crypto exchanges, with attackers typically taking away millions of dollars after a successful hack. However, laundering crypto assets to the point where they can spend their illicitly earned money is a difficult process.

On-chain laundering

The first step in getting away with a crypto asset theft is to somehow transfer the stolen funds to a clean wallet, or rather a series of wallets whose addresses are in no way associated with the theft. Hackers are aware that the very moment they take off with their score, they are wanted, not only by the people they stole from, but also by law enforcement authorities and the crypto community at large.

Of course, it is not possible to simply transfer illicit funds to another wallet without tainting that other wallet as well. That is, unless a privacy coin like Monero or ZCash is used, but the vast majority of assets stolen from exchanges or smart contracts are not privacy coins. Converting them to a privacy coin is also not possible, as it would require the use of a centralized exchange.

Centralized exchanges should be avoided at all costs when trying to launder stolen crypto funds, as most exchanges require all users to undergo KYC/AML checks. Those that don't require KYC/AML checks for withdrawals are usually smaller exchanges with a bad reputation, and using one to withdraw large amounts can easily raise a red flag for law enforcement.

Additionally, these exchanges are often not liquid enough to handle million-dollar conversions, and a sharp drop in the trading price of one or more assets can also alert the community that something fishy is going on. Decentralized exchanges can be used to convert assets held on the same blockchain, such as ERC-20 tokens to Ether, but they cannot be used to convert assets into privacy coins.

In all likelihood, it will become necessary to use an anonymization service, such as a coin mixer, to hide the origin of illicit funds. These services take the input transactions and break them down into smaller denominations that cannot be distinguished from each other. For example, a hacker could send 14.39 BTC as an input transaction to the coin mixer and would receive one output of 10 BTC, 4 outputs of 1 BTC, 3 outputs of 0.1 BTC and 9 outputs of 0.09 BTC.

The output transactions are then mixed with output transactions from legitimate sources that use the same anonymization service. As a result, neither blockchain forensics nor law enforcement can distinguish which output transactions originate from legitimate sources and which do not.

Off-chain laundering

If done correctly, hackers end up with a large number of wallets containing crypto assets whose origins are unknown besides being from a coin mixer. This does not mean, however, that an attacker can now spend money freely in the off-chain world. If the funds are cashed out and deposited in a personal bank account in large amounts, financial authorities will start asking questions.

Even when the origin of funds is properly anonymized, it is still dirty money and the rules of traditional money laundering apply. When questioned by financial or tax authorities, the hacker should always be able to credibly explain where the money is coming from. Besides the traditional methods used for money laundering, cryptocurrencies have made new methods possible, such as online casinos that accept cryptocurrency.

It is also possible to use dirty crypto money to purchase luxury items or common expense items such as gift cards. Smaller amounts can be withdrawn using Bitcoin ATMs. However, this is still not enough to launder millions of dollars for most ordinary people. The online nature of cryptocurrencies makes it a bit easier to deposit money into an offshore bank account or set up a shell company, or even a legitimate business that helps launder larger amounts.

Lately, the art trade has become an increasingly popular vehicle for money laundering, and it would not be surprising if this spills over to digital art and other types of NFTs as well. In fact, it is quite possible that this is already happening and that hackers are now using the growing subjective value of NFTs as a means of cashing in their stolen funds.


There is a growing number of blockchain analysis companies, such as Elliptic and Chainalysis, that offer forensics as one of their services. These companies work closely with law enforcement to reduce the risk of on-chain money laundering. So far, they can track crypto transactions and link wallet addresses to the identity of their holder if the wallet contains funds from an illegitimate source.

Analysis companies also collaborate with exchanges, which have their own interest in preventing money laundering. Among other metrics, analytics companies can calculate a risk score for addresses that wish to deposit funds on an exchange. For example, the risk score can increase when the majority of funds in a wallet come from a coin mixer.

Victims of exchange or smart contract hacks can also take steps to make money laundering more difficult for the perpetrator, for example by posting a list of withdrawal addresses. Other exchanges, coin mixers, and other crypto services can then blacklist these addresses, and forensics companies can use this information to more easily locate the hacker.
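
The deposit risk score and the published blacklist described above can be combined into one exchange-side screening check. The following is an added example, not code from the article or from any analytics vendor; it goes beyond the text by carrying taint across intermediate hops. The proportional ("haircut") taint model, the `mixer_weight` and `threshold` values, and all address names and transfers are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed labels: addresses published by a hack victim, and a known mixer.
BLACKLIST = {"theft_out_1", "theft_out_2"}
MIXERS = {"mixer_pool"}

# Constructed transfers in chronological order: (sender, receiver, amount).
TRANSFERS = [
    ("theft_out_1", "hop_a", 50.0),
    ("salary_payer", "hop_a", 50.0),
    ("hop_a", "deposit_x", 40.0),
    ("mixer_pool", "deposit_y", 9.0),
    ("salary_payer", "deposit_y", 1.0),
    ("salary_payer", "deposit_z", 5.0),
]

def risk_scores(transfers, blacklist, mixers, mixer_weight=0.7):
    """Share of each address's received funds that traces to flagged sources."""
    balance, tainted = defaultdict(float), defaultdict(float)
    received, received_taint = defaultdict(float), defaultdict(float)
    for sender, receiver, amount in transfers:
        if sender in blacklist:
            frac = 1.0                      # published theft address
        elif sender in mixers:
            frac = mixer_weight             # assumed weight for mixer outputs
        elif balance[sender] > 0:
            frac = tainted[sender] / balance[sender]   # proportional taint
            spent = min(amount, balance[sender])
            tainted[sender] -= frac * spent
            balance[sender] -= spent
        else:
            frac = 0.0                      # unlabelled source, no history
        balance[receiver] += amount
        tainted[receiver] += frac * amount
        received[receiver] += amount
        received_taint[receiver] += frac * amount
    return {addr: received_taint[addr] / received[addr] for addr in received}

def screen_deposit(address, scores, blacklist, threshold=0.5):
    """Exchange-side decision: hold blacklisted or high-risk depositors."""
    if address in blacklist or scores.get(address, 0.0) >= threshold:
        return "hold"
    return "accept"

if __name__ == "__main__":
    scores = risk_scores(TRANSFERS, BLACKLIST, MIXERS)
    for addr in ("deposit_x", "deposit_y", "deposit_z"):
        print(addr, round(scores[addr], 2), screen_deposit(addr, scores, BLACKLIST))
```
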
