
Attacks on DeFi platforms, crypto exchanges and related websites have become a constant fixture over the past couple of years. When an attack succeeds, the stolen proceeds often pass through crypto mixers — services intended to disguise the origin of a crypto transaction — before eventually ending up in the exploiters' wallets.
When using a mixer, a user pools their tokens with those of others and receives them back, minus the fee charged by the mixing service, after they have been scrambled with assets provided by the other users. Fortunately, the mixing is not always successful. For example, if a bad actor deposits large amounts of stolen crypto, the proportion of funds clearly coming from them allows the exchanges where those funds often end up to trace them anyway.
Mixers Are Not Inherently Bad for Crypto
It’s important to note that cryptocurrency mixers are, overall, in line with one of the original principles of the crypto market: anonymity. Many people who use mixers are simply trying to maintain their privacy or to get around legislation in their home country that prohibits or hinders the use of their own assets.
Unfortunately, a recent report by blockchain data analysts at Chainalysis shows that the percentage of funds coming from cybercriminals and other malicious actors hit an all-time high in 2022, after increasing throughout 2021.
The highest volume to pass through crypto mixers was reached in April 2022 – $51.8 million worth of digital assets, to be exact. This is almost double the volume recorded in April of 2021 – although, to be fair, that month presented a slight slump in total volume.
Sanctioned entities represent a significant share of the market
The sanctioned entities are cybercrime syndicates recognized and sanctioned by authorities around the world, such as Hydra Market or the North Korean group Lazarus, allegedly the masterminds behind the exploitation of the Harmony Bridge, and many other attacks.
“Lazarus Group is a cybercrime syndicate responsible for several cryptocurrency hacks on behalf of the North Korean government, and along with associated groups remains extremely active today. Already in 2022, hackers associated with the North Korean government are believed to have stolen over $1 billion worth of cryptocurrency, mostly from DeFi protocols.”
In 2022, the percentage of funds associated with sanctioned entities reached 23% of funds that passed through mixing services, almost double the figure for 2021 – 12%.
Out of this number, 50.4% are associated with Hydra Marketplace – a Russia-based dark market shut down in April by German authorities. A further 30% are associated with the Lazarus Group, and 18.8% with Blender.io. The remaining 0.8% are associated with various small-time cybercrime organizations.
Although mixers represent an important part of the blockchain ecosystem, helping to provide anonymity to crypto users who may not wish to use privacy coins, their popularity among cybercriminals cannot be overlooked. They present a complicated problem for regulators looking to stop cybercrime without harming legitimate users who simply benefit from the privacy these services provide.