The cryptocurrency mixer business reaches new highs in 2022

As cryptocurrency deposited in mixers reached all-time highs in 2022, Chainalysis estimated that their use may soon end.

In a blog post on Thursday, the cryptocurrency analytics provider shared the factors that led to this significant spike, including the increase in volumes sent to centralized exchanges and decentralized finance (DeFi) protocols, as well as addresses. offenses which represented the highest amount. However, thanks to improved tracking capabilities and increased law enforcement efforts, Chainalysis predicted that threat actors may soon choose alternative methods to hide illegal funds.

Chainalysis pointed out that while mixers and mugs are a “go-to tool” for cybercriminals seeking financial anonymity and a way to hide their money trail, these services remain legitimate uses. Both illegal and legal uses contributed to a sharp increase in April.


“Although the value received by the mixers fluctuates widely from day to day, the 30-day moving average reached an all-time high of $ 51.8 million in cryptocurrency on April 19, 2022, nearly doubling inbound volumes in 2021 at the same time,” read the blog post.

The peak was followed by a sharp drop in May and June, which Chainalysis attributed to better tracking. Kim Grauer, research director at Chainalysis, said this was also related to the attacks.

“The volatility is due to the fact that mixer usage is related to hacking activity and hacks are rather discrete events that are not consistent over time. In other words, the increased usage matches the hacks, ”Grauer said in an email to SearchSecurity.

In April, threat actors hacked the Mailchimp email marketing platform to target cryptocurrency companies with a phishing campaign. Later that month, the DeFi Beanstalk Farms platform was drained of over $ 180 million in cryptocurrency assets; Beanstalk Farms is just one of many cryptocurrency and DeFi platforms that have lost funds to malicious actors this year.

Additionally, REvil resumed its ransomware operations in April and not only hacked into Oil India, a natural resources company, but also leaked its data, a method used to trick companies into paying a ransom. Threat actors expect ransoms to be paid in cryptocurrency.

While May and June saw fewer shares, Chainalysis said mixer usage remained near all-time highs in 2022. Although the blockchain platform said the rise coincided with the growing popularity of DeFi’s form platforms in that. moment, the increase in illicit movements of cryptocurrency has been more evident. to the mixers.

According to the blog, illicit addresses represented 23% of funds sent to mixers, up from 12% in 2021. These addresses included ransomware, stolen funds, scams, dark web markets, cybercriminal administrators and sanctioned entities.

“What stands out the most is the huge volume of funds transferred to mixers from addresses associated with sanctioned entities, particularly in the second quarter of 2022,” the blog post states.

According to Chainalysis, the closure of the largest cybercrime market on the dark web, Hydra, which was sanctioned by the Office of Foreign Assets Control (OFAC) in April, accounted for 50% of all funds transferred from mixers to sanctioned entities. . The Russian-language market has played a significant role in laundering funds from cryptocurrency theft and ransomware attacks.

Entities backed by the North Korean state Lazarus and received almost all the remaining funds. The Lazarus Group is known for high-profile attacks such as the WannaCry ransomware and, more recently, developer Axie Infinity Sky’s Mavis breach, in which the group stole $ 600 million in cryptocurrency. After investigators discovered that the money had been laundered via, OFAC issued sanctions against the cryptocurrency blender.

“Overall, if we label cybercrime organizations with known affiliations to nation states, we can see that these groups represent a large and growing share of illicit cryptocurrency sent to mixers,” the blog post states.

Despite the massive increase in mixer activity in 2022, Chainalysis noted on the blog that mixers may soon become obsolete. As monitoring improves, bringing law enforcement to the original source of funds, actors may be forced to turn to other avenues.

“It’s not certain that mixers will become obsolete,” Grauer said. “But the combination of capabilities not mixed with law enforcement and regulatory developments could bring them out of favor.”

Leave a Comment