A cryptocurrency mixer known as ChipMixer is the subject of a joint investigation led by authorities in Germany and the United States, with support from Europol, Belgium, Poland and Switzerland.
An anti-money laundering operation carried out on Wednesday brought down ChipMixer’s infrastructure, seizing 4 servers, 7 TB of data, and 1,909.4 bitcoins (approximately $47.3 million) in 55 transactions.
Most of the seized funds were reportedly related to dark web marketplaces, stolen crypto assets, ransomware groups, illegal goods trafficking, and sourcing child sexual exploitation materials.
“ChipMixer, an unlicensed cryptocurrency mixer founded in mid-2017, specialized in mixing or cutting traces associated with cryptocurrency assets,” Europol said in a blog post published Wednesday. explained.
According to law enforcement, software developed by the ChipMixer threat actor obfuscated the blockchain trail of the funds. Aimed at laundering illicit earnings, cybercriminals used the infrastructure to turn deposited funds into mixed and anonymized “chips.”
“At the end of the process, the ‘clean’ crypto can be easily exchanged for other cryptocurrencies or directly into fiat currency through ATMs and bank accounts,” explained Europol.
With these features, we have confirmed that ransomware actors such as Zeppelin, SunCrypt, Mamba, Dharma, and Lockbit are also using ChipMixer to pay ransoms received.
Find out more about Lockbit here: LockBit Takes Control of 2022 Ransomware Campaign
“It’s always a good day to crack down on crypto money launderers involved in illegal activities,” comments Roger Grimes, data-driven defense evangelist at KnowBe4. “U.S. authorities and their allies have actively worked to close down and sanction illegal mixers wherever possible.”
At the same time, security experts said KnowBe4 has noticed a slight increase in mixers relying on improved methods to hide identities and transaction volumes from public blockchains.
“These efforts make chasing money more difficult,” Grimes added. “It remains to be seen whether criminals will move en masse to these hard-to-trace blockchains, or whether these hard-to-trace blockchains will really become hard-to-trace in the long term.”
The ChipMixer takedown operation comes months after a US cryptocurrency enforcement team arrested a Russian man suspected of playing a key role in the now-dismantled dark web Hydra marketplace.
