
A coalition of European and US law enforcement agencies has announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began operating in August 2017.
“ChipMixer software blocked the blockchain trail of funds, making it attractive to cybercriminals looking to launder illicit proceeds from criminal activities such as drug trafficking, arms trafficking, ransomware attacks, credit card fraud, and more,” Europol said in a statement.
The coordinated exercise also led to the seizure of $47.5 million in Bitcoin and 7 TB of data, in addition to the dismantling of the clearnet and dark web websites associated with ChipMixer.
Mixers, also known as tumblers, offer complete anonymity for a fee by mixing cryptocurrencies (both legitimate and criminally derived) from various users in a way that makes it difficult to trace their origin.
This is achieved by aggregating various payments into a single pool and then splitting each amount and sending it to designated recipients. This makes it an attractive option for criminals looking to cash in tainted money and exchange it for fiat currency.
According to a January 2023 Chainalysis report, “Mixers processed a total of $7.8 billion in 2022, 24% of which came from illicit addresses,” and “a large portion of the illicit value processed by mixers consists of stolen funds, most of which were stolen by North Korea-linked hackers.”
ChipMixer, the world’s largest centralized crypto mixer service, is estimated to have laundered $3.75 billion worth of digital assets (152,000 BTC) to facilitate various criminal schemes.
Blockchain analytics firm Elliptic said ChipMixer was used to launder more than $844 million in bitcoin potentially linked directly to criminal activity.
“ChipMixer was one of the various mixers used to launder the proceeds of the North Korean Lazarus Group hack,” said Elliptic co-founder and chief scientist Tom Robinson.
This includes the KuCoin theft in September 2020 and the Axie Infinity Ronin Bridge and Harmony Horizon Bridge hacks that occurred last year.

Lazarus Group is not the only notorious client that used the service to obfuscate financial information. Other prominent actors include ransomware crews such as LockBit, Sodinokibi (aka REvil), Zeppelin, Mamba, Dharma, and SunCrypt.
Additionally, ChipMixer is said to have collected over $200 million in Bitcoin related to purchases from darknet markets, including $60 million from customers of the now-defunct Hydra.
According to the U.S. Department of Justice (DoJ), the mixer platform also processed cryptocurrency used by the Russian-affiliated APT28 hacking group (a.k.a. Fancy Bear or Strontium) to procure infrastructure used in connection with a malware called Drovorub.
Concurrent with the crackdown, the DoJ also indicted Minh Quốc Nguyễn, a 49-year-old Vietnamese citizen, for his involvement in creating and running ChipMixer’s online infrastructure and promoting its services.
“ChipMixer has facilitated the laundering of cryptocurrencies, especially Bitcoin, on a massive international scale, helping all sorts of nefarious actors and criminals to evade detection,” federal prosecutor Jacqueline C. Romero said.
“Platforms like ChipMixer, designed to hide the origin and destination of vast amounts of criminal proceeds, undermine public trust in cryptocurrencies and blockchain technology.”
The development is the latest in a series of law enforcement actions taken by governments around the world to tackle cybercrime, coming a few weeks after “criminal proceedings” were launched against suspected core members of the DoppelPaymer ransomware gang.
ChipMixer is also the fourth mixer service to be outlawed in the past few years, following Bestmixer, Blender, and Tornado Cash. The latter two were sanctioned by the US Treasury Department last year for abetting the Lazarus Group and other threat actors in laundering ill-gotten proceeds.