Chainalysis: Exchanges Preferred for Laundering Stolen Funds, North Korean Hacker Group Adopts New Coin Mixing Protocol YoMix

Data research company Chainalysis pointed out in its 2023 Cryptocurrency Crime Report that although the scale of money laundering activities is gradually decreasing, the methods used by criminals to hide their tracks are becoming increasingly complex. Including the North Korean hacker group Lazarus Group, they have all turned to new mixing protocols and used more deposit and withdrawal addresses to evade detection.

Table of Contents
Toggle
Weakening of Money Laundering Funds
Centralized Exchanges Remain the Preferred Destination for Illicit Withdrawals
Significant Increase in Money Laundering Addresses
North Korea Adjusts Money Laundering Strategy
Transition to New Mixing Protocol: YoMix
Frequent Use of Cross-Chain Bridges

Firstly, in 2023, the amount of money laundering activities in cryptocurrency decreased from $31.5 billion in 2022 to $22.2 billion.

The report attributes the decrease in the above amount to the overall decline in cryptocurrency market trading volume in 2023. However, it can be seen that the decrease in money laundering activities is greater, reaching 29.5%, while the total trading volume only decreased by 14.9%.

Furthermore, the following chart shows that centralized exchanges (CEX) are still the main destination for transferring funds to illegal addresses, a proportion that has remained stable over the past five years.

However, over time, there has been a noticeable increase in illegal funds flowing into decentralized finance (DeFi) protocols, as well as a rise in funds being directed towards gambling services and cross-chain bridges. This is mainly due to the booming development of the DeFi sector in recent years.

Nevertheless, we are aware that the transparency of DeFi data generally makes it unsuitable for obscuring the flow of funds.

The report also mentioned the notorious North Korean hacker group Lazarus Group, which seems to have found new money laundering channels after many mixing protocols such as Tornado Cash and Sinbad were sanctioned or shut down.

The report states that even though law enforcement actions by regulatory authorities are intensifying, cryptocurrency criminals often find many alternative solutions immediately.

According to statistics, the usage of the new mixing protocol YoMix experienced significant growth in 2023, with the inflow of funds increasing by more than five times.

Chainalysis states:
About one-third of YoMix funds come from wallets associated with cryptocurrency hackers, and the significant increase in usage of this protocol is closely related to the adoption by Lazarus Group, demonstrating that criminals can still find alternative money laundering channels when old mixing services are sanctioned.

In addition, the data shows that cryptocurrency criminals frequently use cross-chain transfers to obscure the flow of funds. The scale of illicit cross-chain transfers reached nearly $744 million last year, more than double that of 2022.

Previously reported, the United Nations indicated through a report that North Korean hackers seem to be funding the country’s nuclear weapons program through extensive cyber attacks and theft, with total criminal proceeds exceeding $3 billion in seven years.

Chainalysis
Lazarus Group
North Korea
Money laundering
Mixing

Leave a Reply

Your email address will not be published. Required fields are marked *