Elliptic, the cryptoasset risk management company, has published research revealing that criminals have used DeFi exchanges (DEXs), cross-chain bridges, and ‘coin swap’ services to obfuscate more than $4billion-worth of illicit crypto proceeds.
Some of the most prolific perpetrators include hackers, dark web markets, illicit virtual asset services, ponzi schemes and ransomware providers.
These findings highlight the rise of the “cross-chain problem” – an issue identified by Elliptic earlier this year, and one that is prevalent across the crypto space in posing a key risk for virtual asset services and criminal investigators, especially in the light of recent sanctions against other established services used for money laundering, such as Tornado Cash.
In earlier research, Elliptic identified RenBridge – a cross-chain bridge that allows users to swap assets across different blockchains – as a vector through which criminals have laundered over $540million in illicit cryptoassets alone.
The latest findings demonstrate that criminals are increasingly leveraging cross-asset and cross-chain transactions to evade legacy blockchain analytics solutions, not capable of tracing such activity. The Financial Action Task Force (FATF) first called-out money laundering through cross-chain transactions – or “chain hopping” – in its June 2022 report on virtual asset risks.
The main findings of the report, The State of Cross-chain Crime: Countering the New Age of Crypto Crime and Money Laundering in a Cross-chain World, are:
- Some $1.2billion of stolen crypto from DeFi or exchange thefts have been swapped using DEXs, which is over a third of all crypto stolen from the incidents surveyed.
- A further $1.2billion in illicit assets have been laundered using “coin swap” services, which allow users to swap assets both within and across blockchains without opening an account. Many are advertised on Russian cybercrime forums and cater almost exclusively to a criminal audience.
- There is a growing risk of cross-chain and cross-asset obfuscation from sanctioned, seized and terrorist entities. Wallets connected to groups eventually sanctioned by the United States – including those used by North Korea to perpetrate multi-million-dollar cyberattacks – have laundered more than $1.8billion through such techniques.
The Elliptic report draws on case studies and original data to address the criminal use of decentralised exchanges, cross-chain bridges and coin swap services.
As a direct response to the growing risks of cross-asset and cross-chain crime, Elliptic launched holistic screening – allowing cryptoassets to be traced across and between all blockchains and assets concurrently.
Holistic Screening establishes a new standard for crypto compliance and risk management, by allowing businesses to achieve cross-chain compliance efficiently and at scale – eliminating the need for manual multi-asset investigations, and instead providing automated risk insights.