Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

1 year ago AndyC

Mar
16,
2023Ravie
LakshmananCyber
Crime
/
Cryptocurrency

A
coalition
of
law
enforcement
agencies
across
Europe
and
the
U.S.

announced
the
takedown
of
ChipMixer,
an
unlicensed
cryptocurrency
mixer
that
began
its
operations
in
August
2017.

Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme



Mar
16,
2023Ravie
LakshmananCyber
Crime
/
Cryptocurrency


Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

A
coalition
of
law
enforcement
agencies
across
Europe
and
the
U.S.

announced
the
takedown
of
ChipMixer,
an
unlicensed
cryptocurrency
mixer
that
began
its
operations
in
August
2017.

“The
ChipMixer
software
blocked
the
blockchain
trail
of
the
funds,
making
it
attractive
for
cybercriminals
looking
to
launder
illegal
proceeds
from
criminal
activities
such
as
drug
trafficking,
weapons
trafficking,
ransomware
attacks,
and
payment
card
fraud,”
Europol

said
in
a
statement.

The
coordinated
exercise,
besides
dismantling
the
clearnet
and
dark
web
websites
associated
with
ChipMixer,
also
resulted
in
the
seizure
of
$47.5
million
in
Bitcoin
and
7
TB
of
data.

Mixers,
also
called
tumblers,

offer
full
anonymity
for
a
fee
by
commingling
cryptocurrency
from
different
users

both
legitimate
and
criminally-derived
funds

in
a
manner
that
makes
it
hard
to
trace
the
origins.

This
is
achieved
by
funneling
different
payments
into
a
single
pool
before
splitting
up
each
amount
and
transmitting
them
to
designated
recipients,
thereby
turning
it
into
an
attractive
option
for
criminals
looking
to
cash
out
and
exchange
the
tainted
money
for
fiat
currency.

According
to
a

report
from
Chainalysis
in
January
2023,
“mixers
processed
a
total
of
$7.8
billion
in
2022,
24%
of
which
came
from
illicit
addresses,”
and
“the
vast
majority
of
illicit
value
processed
by
mixers
is
made
up
of
stolen
funds,
the
majority
of
which
were
stolen
by
North
Korea-linked
hackers.”

ChipMixer,
the
world’s
largest
centralized
crypto
mixer
service,
is
estimated
to
have
laundered
no
less
than
$3.75
billion
worth
of
digital
assets
(152,000
BTC)
to
further
a
wide
range
of
criminal
schemes.

Blockchain
analytics
firm
Elliptic
said
ChipMixer
has
been
used
to
launder
over
$844
million
in
Bitcoin
that
can
be
linked
directly
to
criminal
activity.

“ChipMixer
was
one
of
a
variety
of
mixers
used
to
launder
the
proceeds
of
hacks
perpetrated
by
North
Korea’s

Lazarus
Group,”
Elliptic’s
co-founder
and
chief
scientist,
Tom
Robinson,

said.

This
comprises
the

KuCoin
theft
in
September
2020
as
well
as
the

Axie
Infinity
Ronin
Bridge
and

Harmony
Horizon
Bridge
hacks
that
took
place
last
year.


ChipMixer Crypto Platform

The
Lazarus
Group
is
far
from
the
only
infamous
client
to
have
used
the
service
to
obfuscate
the
financial
tracks.
The
other
prominent
actors
consist
of
ransomware
crews
like
LockBit,
Sodinokibi
(aka
REvil),
Zeppelin,
Mamba,
Dharma,
and
SunCrypt.

Additionally,
ChipMixer
is
said
to
have
attracted
more
than
$200
million
in
Bitcoin
linked
to
purchases
originating
from
darknet
markets,
including
$60
million
from
customers
of
the

now-defunct
Hydra.

The
mixer
platform,
per
the
U.S.
Department
of
Justice
(DoJ),
also
processed
cryptocurrency
used
by
the
Russia-linked

APT28
hacking
group
(aka
Fancy
Bear
or
Strontium)
to
procure
infrastructure
employed
in
connection
with
a
malware
called

Drovorub.

Coinciding
with
the
crackdown,
the
DoJ
further
charged
a
49-year-old
Vietnamese
national,
Minh
Quốc
Nguyễn,
for
his
role
in
creating
and
running
ChipMixer’s
online
infrastructure
and
advertising
its
services.


WEBINAR

Discover
the
Hidden
Dangers
of
Third-Party
SaaS
Apps

Are
you
aware
of
the
risks
associated
with
third-party
app
access
to
your
company’s
SaaS
apps?
Join
our
webinar
to
learn
about
the
types
of
permissions
being
granted
and
how
to
minimize
risk.

RESERVE
YOUR
SEAT

“ChipMixer
facilitated
the
laundering
of
cryptocurrency,
specifically
Bitcoin,
on
a
vast
international
scale,
abetting
nefarious
actors
and
criminals
of
all
kinds
in
evading
detection,”
U.S.
Attorney
Jacqueline
C.
Romero

said.

“Platforms
like
ChipMixer,
which
are
designed
to
conceal
the
sources
and
destinations
of
staggering
amounts
of
criminal
proceeds,
undermine
the
public’s
confidence
in
cryptocurrencies
and
blockchain
technology.”

The
development
is
the
latest
in
a

string
of

law
enforcement
actions
undertaken
by
governments
across
the
world
to
tackle
cybercrime,
and
comes
weeks
after
“penal
procedures”
were
initiated
against
suspected
core
members
of
the

DoppelPaymer
ransomware
gang.

ChipMixer
is
also
the
fourth
mixer
service
to
be
outlawed
over
the
past
few
years
following
the
disruption
of

Bestmixer,

Blender,
and

Tornado
Cash,
the
latter
two
of
which
were
sanctioned
by
the
U.S.
Treasury
Department
last
year
for
abetting
Lazarus
Group
and
other
threat
actors
in
laundering
ill-gotten
proceeds.

Found
this
article
interesting?
Follow
us
on

Twitter


and

LinkedIn
to
read
more
exclusive
content
we
post.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

More Stories

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns

2 hours ago AndyC
Chinese Nationals Arrested for Laundering Million in Pig Butchering Crypto Scam

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

20 hours ago AndyC
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

20 hours ago AndyC
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

3 days ago AndyC
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

3 days ago AndyC
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

3 days ago AndyC

You may have missed

Grandoreiro Banking Trojan is back and targets banks worldwide

Grandoreiro Banking Trojan is back and targets banks worldwide

2 hours ago AndyC
Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns

2 hours ago AndyC
Sekuro Appoints its First Federal Government Security Advisor

Sekuro Appoints its First Federal Government Security Advisor

8 hours ago AndyC
Weekly Update 400

Weekly Update 400

8 hours ago AndyC
Macquarie Uni to spend up to 0m on 10-year digital transformation

Macquarie Uni to spend up to $700m on 10-year digital transformation

11 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.