ACAMS Today, Sept-Nov 2023 September-November 2023 | Page 29

Risk Assessment.6 As of April 5, 2022, Hydra was sanctioned by the Office of Foreign Assets Control (OFAC), with servers shut down and over $25 million of bitcoin assets seized.7
• Garantex (April 2022):
— Founded in 2019 and largely operating out of Moscow and St. Petersburg, Garantex primarily offers virtual currency exchange services. Investigations noted over $100 million in transactions associated with illicit actors and darknet markets. This includes nearly $6 million from the Russian RaaS gang Conti and funds from Hydra. The Estonia Financial Intelligence Unit and the U.S. Department of the Treasury worked jointly to sanction Garantex.
— It is worth noting that Garantex continues to provide services to customers, and the sanctions issued over the entity are supported by public guidance to further cut off avenues for the Russian invasion of Ukraine.
• Tornado Cash (August 2022):
— As its name suggests, Tornado Cash is a mixing service that operates on the Ethereum blockchain and facilitates anonymous transactions by obfuscating their origin. The service has been used to launder more than $7 billion of virtual currency since being created in 2019. Sanctions were issued following the May 2022 designation and report on the virtual currency mixer, Blender.io.8 The mixing service was noted to have “repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks.”9
• Helix (August 2021):
— A company offering bitcoin mixing services, Helix pleaded guilty to a laundering conspiracy involving more than 4,400 bitcoin ($200 million value in 2021).10
Main lessons learned amid global crypto crime
1. Rise in transaction volume: Comparison to illicit percent and overall transactions.
Graphic 2 illustrates the estimated illicit share of cryptocurrency transaction volume over the past six years. Viewed comparatively with Graphic 1, the level of illicit activity using crypto has risen significantly, but the proportion of illicit transactions of all cryptocurrency volume has decreased by almost 72% since 2019. Graphic 2 shows the extent to which global cryptocurrency transactions have continued to skyrocket.
Graphic 2: Illicit share of all cryptocurrency transaction volume (2017-2022)
2017: 0.86%; 2018: 0.49%; 2019: 1.90%; 2020: 0.43%; 2021: 0.12%; 2022: 0.24%
Source: Chainalysis 11
2. Mixing strategies: Obfuscating the source of funds or true identity behind transactions.
Mixers continue to have a huge impact on the ability of bad actors to conceal true ownership and identity behind transactions, despite the legal uses of mixing services. One example of such a use is financial privacy for individuals wishing to make legal transactions within oppressive regimes. However, even though only a small percentage of crypto mixers are cybercriminals, 10% of all illicit crypto transactions are estimated to be laundered through a mixer at one point.12
This causes LE to scramble to shut down the mixing services available to the criminal population. Graphic 3 on page 30 summarizes a unique mixing operation in Blender.io.13
The Financial Crimes Enforcement Network (FinCEN) has confirmed that mixing services are required to register as money transmitters and adopt anti-money laundering (AML) programs.14
3. Capital building: Many criminals or terrorist organizations will turn to crypto mining to raise funding and avoid the traditional financial system.
Isolated cases have emerged in which cybercriminals create fraudulent personas to engage in social engineering and steal cryptocurrency. Stolen funds are then utilized to mine for more cryptocurrency, giving the cybercriminal a means to obtain crypto via mining with no cost for the initial transaction. Mandiant followed an interesting case with this strategy based out of North Korea. The research focuses on their hacking syndicate subject (APT43) using the stolen cryptocurrency to acquire freshly mined crypto.15