German and US authorities, supported by Europol, have targeted ChipMixer, a cryptocurrency mixer well-known in the cybercriminal underworld. The investigation was also supported by Belgium, Poland and Switzerland.
„On 15 March, national authorities took down the infrastructure of the platform for its alleged involvement in money laundering activities and seized four servers, about 1909.4 Bitcoins in 55 transactions (approx. EUR 44.2 million) and 7 TB of data.” – according to the press release.
ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialised in mixing or cutting trails related to virtual currency assets. The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud. Deposited funds would be turned into “chips” (small tokens with equivalent value), which were then mixed together – thereby anonymising all trails to where the initial funds originated.
A service available both on the clear and on the darkweb, ChipMixer offered full anonymity to their clients. This type of service is often used before criminals’ laundered crypto assets are redirected to cryptocurrency exchanges, some of which are also in the service of organised crime. At the end of the process, the ‘cleaned’ crypto can easily be exchanged into other cryptocurrencies or directly into FIAT currency though ATM or bank accounts.
The investigation into the criminal service suggests that the platform may have facilitated the laundering of 152 000 Bitcoins (worth roughly EUR 2.73 billion in current estimations) in crypto assets. A large share of this is connected to darkweb markets, ransomware groups, illicit goods trafficking, procurement of child sexual exploitation material, and stolen crypto assets. Information obtained after the takedown of the Hydra Market darkweb platform uncovered transactions in the equivalent of millions of euros.
Ransomware actors such as Zeppelin, SunCrypt, Mamba, Dharma or Lockbit have also used this service to launder ransom payments they have received. Authorities are also investigating the possibility that some of the crypto assets stolen after the bankruptcy of a large crypto exchange in 2022 were laundered via ChipMixer.
The subject of fraud & cyber protection in the crypto space will be discussed at Banking 4.0
Banking 4.0 – „how was the experience for you”
„So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”
Many more interesting quotes in the video below: