Why tackling ‘crypto mixers’ could be a game-changer

It’s a first. On Friday, May 6, the U.S. Treasury Department sanctioned a cryptocurrency “mixer,” a service that obscures the traces of blockchain transactions. The targeted company, Blender.io, is accused of having participated in the laundering of more than $20 million stolen by the cyber-criminal gang Lazarus.

In March, this group of hackers, linked to the North Korean state, hacked into the Ronin Network, which acted as an intermediary between the NFT-based video game Axie Infinity and the Ethereum blockchain. They thus siphoned off the platform’s revenue, for a haul of $620 million.

Scramble transactions

On public blockchains, such as Bitcoin or Ethereum, anyone can observe the amount of cryptocurrency held in any wallet, as well as the transactions between wallets. The identity of the wallet holders is admittedly not stated, but it can be deduced quite easily, especially when the amounts become large.

Some companies, the best known being Chainalysis and Elliptic, specialize in the observation and analysis of blockchains. Public authorities also investigate transactions. In theory, this transparency could prevent criminals from using cryptocurrency conversion as a money laundering technique.

This is where mixers come in. These services use thousands of different wallets to scramble cryptocurrency transactions. Thus, if a user wants to send 250 bitcoins from wallet A to wallet B, the sum (along with a commission indexed to the complexity of the mix) is withdrawn from wallet A by several wallets, and the same amount then arrives in wallet B from other wallets. Thanks to the mixer, no connection can be established between the user’s wallets A and B, which can greatly complicate the work of law enforcement.

The end of an era for mixers?

Friday’s decision by the US Treasury Department may mark the end of an era for mixers. Although these services are mostly believed to be used for legal transactions, their role in laundering the proceeds of cybercrime, including ransomware, is an open secret. “Virtual currency mixers that support illegal transactions are a threat to US national security,” said Brian E. Nelson, Deputy Secretary of the Treasury for Terrorism and Financial Intelligence.

Here, the identity of the service user, Lazarus Group, is problematic: the gang is one of the most famous APTs (advanced persistent threats) in the world, and the Treasury Department has had it in its sights since 2019. APTs are particularly formidable: funded and supported by a state, these groups of hackers have a more sophisticated strike force than traditional cybercriminal gangs. The regulatory arm of the US Treasury Department, the Office of Foreign Assets Control (OFAC), had already blacklisted cryptocurrency wallets linked to Lazarus’ activity, and it added new ones last Friday.

OFAC accuses Blender.io of working to “facilitate illegal transactions by obscuring their origins, destinations and counterparties.” The site was not seized, but went offline over the weekend before reappearing on Monday. It still appears to be in a bad position: OFAC has also identified links between Blender.io and wallets used by major ransomware operators such as Ryuk, REvil (Sodinokibi) and Conti. Elliptic adds that the site was probably used to launder funds from the illegal online market Hydra, also sanctioned by the Treasury this year.

Mixers do not verify the identity of their users, which means that Blender.io’s case is highly unlikely to be an isolated one. In August 2021, the mixer operator Helix confessed to involvement in money laundering of $300 million, and in April 2022, the Bitcoin mixer operator Frog was charged with money laundering of $335 million. Unfortunately for Blender.io, its case is the first to directly involve the US Treasury Department. But this tendency of public authorities to take up the issue is not unique to the United States. The British Crime Agency had already called for mixers to be regulated in March 2022.

Unfortunately, cybercriminals have a clear way out even if the mixers are sanctioned. Some cryptocurrencies, such as Monero, rely on private, fully opaque blockchains that completely prevent transaction tracking. Many gangs and illegal markets are already asking their victims or users to use these cryptocurrencies rather than Bitcoin and Ethereum (the two most popular cryptocurrencies).