US and German police have taken down ChipMixer, a darknet cryptocurrency “mixing” service responsible for laundering more than $3 billion worth of cryptocurrency from ransomware, fraud, and sales of illicit goods and services.
ChipMixer was one of the most widely used mixers to launder the proceeds of crime, allowing people to deposit Bitcoin to be converted into virtual “chips,” then commingled in a way to make the funds hard to trace, the US Department of Justice says.
Unsurprisingly, ChipMixer’s key selling point was anonymity. While the service was reachable from a clearnet web domain, it operated primarily as a Tor hidden service to evade police, court documents say.
According to the DOJ, ChipMixer attracted a significant underworld clientele and became indispensable to criminals seeking to launder funds obtained from illicit activities.
During its six-year tenure, ChipMixer is said to have processed:
· $17 million in Bitcoin for criminals connected to approximately 37 ransomware strains, including Sodinokibi, Mamba and Suncrypt
· Over $700 million in Bitcoin associated with wallets designated as stolen funds
· Funds obtained from heists by North Korean threat actors from Axie Infinity’s Ronin Bridge and Harmony’s Horizon Bridge
· More than $200 million in Bitcoin associated with darknet markets , either directly or through intermediaries
· $60 million in Bitcoin processed for customers of Hydra Market, the largest and longest-running darknet market in the world until its April 2022 shutdown
· More than $35 million in Bitcoin associated either directly or through intermediaries with “fraud shops” (stolen credit cards, hacked account credentials, and user info leaked from data breaches)
· Bitcoin used by the infamous nation-state hacking group known as APT 28 to buy infrastructure for the Drovorub malware
According to a press release issued by the German Federal Criminal Police Office (BKA), ChipMixer has laundered an estimated 154,000 Bitcoin since 2017, or $2.8 billion in crypto assets.
The same BKA reveals that, in addition to ChipMixer’s takedown, authorities have charged Minh Quốc Nguyễn, 49, of Hanoi, Vietnam, with money laundering, operating an unlicensed money transmitting business and identity theft, connected to the operation of ChipMixer.
The DOJ accused Nguyễn not only of creating and operating the online infrastructure used by ChipMixer, but also of doing all the legwork to promote the services online.
The FBI is offering bounties for information leading to Nguyễn’s whereabouts and potential arrest. If convicted, he faces up to four decades behind bars.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsNovember 14, 2024
September 06, 2024