Cyber Security

Crypto mixers: What are they and how are they used?

How crypto mixers, also known as crypto tumblers, are used to obscure the trail of digital money

Coined during Al Capone’s times, the term ”money laundering” has since entered the general lexicon as criminals have been busy obscuring the source of their ill-gotten assets and making it appear as if the funds have come from legitimate activities.

As technology advances, so do the methods used by criminals to try to launder the proceeds of their criminal activity. Here is where cryptocurrencies and some specialized crypto services come into play as they cater not just to people who prefer anonymity for legitimate reasons, but also to those who seek to launder their dirty coins and cover their tracks.

Indeed, many people may think that by using crypto like Bitcoin, still the most popular cryptocurrency, they won’t be traceable. This is a misconception, however. Although it is true that tracing a crypto wallet or transaction to a person or an IP address isn’t always straightforward, it is not impossible.

Also, when it comes to its privacy-enhancing potential, not all crypto is born equal. Some coins, such as Monero and Zcash, and wallets that are sometimes known as “privacy wallets” promise a higher level of anonymity to their users than the more popular alternatives.

And yet, many cybercriminals have been caught thanks to new techniques that are aimed at tracing the movement of cryptocurrency along the blockchain. Also, in one high-profile case, the US Department of Justice recovered about US$2.3 million worth of Bitcoin out of the US$4.3 million that Colonial Pipeline, a victim of the DarkSide ransomware rang, paid after falling prey to the attack in 2021.

Over the years, cybercriminals have started to seek ways to enhance the (pseudo)anonymity of their transactions and launder the cryptoassets from their criminal activities. One such method relies on services known as cryptocurrency mixers or cryptocurrency tumblers.

What are crypto mixers, aka crypto tumblers?

Crypto mixers are intended to mix your digital money with that of other users in order to make multiple combinations with countless transactions and to obfuscate the source and destination of crypto assets. These services are available not only in shady forums, but also on the surface web. Although there are many places where such practice is not illegal and this service is available for everybody, the providers offer it as a privacy improvement, rather than a crypto laundering option.

Tornado Cash, for instance, is a Blockchain Ethereum mixer that has gained great popularity in recent years, especially among cybercriminals. This service, launched in 2019, is used for processing millions of dollars a day and was used, among others, by the perpetrators of the attack at Crypto.com, involving withdrawals of about US$34 million, and by the perpetrators of the attack at Ronin, the blockchain network linked to the Axle Infinity game.

What types of crypto mixer services are there?

Crypto mixers include mainly two types:

  • Centralized mixers: Users introduce their e-wallet addresses on these platforms, and send the specific cryptocurrency amount they want to “mix” to the platform. Thus, the user grants the agent full control to make multiple transactions aimed at “mixing” cryptoassets. By agent, we mean a specialized algorithm that carries out multiple transactions in a random fashion. io is a centralized mixer.
  • Decentralized mixers: In this case, mixers try to avoid intermediaries. In this way, users band together and select the cryptoassets they want to “mix”, to make small transactions between users of the same platform. Of course, the higher the number of users in the pool, the higher the randomization. One of the most widely used protocols for this type of service is CoinJoin.

Centralized vs. decentralized mixers: Which is better?

If we assess the functionality that ensures greater anonymity, the decentralized mixers stand out. Why? Decentralized mixers offer a much higher level of anonymity than centralized mixers. This is because centralized mixers have access to the users’ IP addresses. This means that, to some extent, the address from which the cryptoasset was sent, as well as the user receiving it, may be predicted. Moreover, these platforms may be subject to attacks resulting in the exposure of platform user data, compromising their privacy and anonymity; in which case, users might become potential victims of future attacks.

Also, decentralized mixers provide a key advantage compared to centralized ones: they grant users full control of their assets as, after the mixing process, they may check whether the incoming amount is equal to the amount mixed through signatures. By doing so, they also prevent their cryptoassets from being robbed during the mixing process.

Are crypto mixers illegal?

Although, as we already noted, crypto mixers are not illegal, it will depend on the country and jurisdiction. While cryptocurrency mixers offer benefits, as they help ensure anonymity, the truth is that these services are not only used by people seeking more anonymity, but also by cybercriminals. But what makes a crypto mixer somehow illegal?

In recent years, the cybercrime industry, particularly the ransomware scene, has become increasingly active. With ransomware as a service (RaaS), cybercriminals are making huge profits. In addition, huge deals are closed on the dark web, such as the sale of different type of malware, the sale of data obtained from attacks against various companies, platforms and services.

Drugs being sold on the dark web

Hacking tools and ransomware bundles being sold on the dark web

A mixed picture?

Crypto mixers are not inherently illegal and they can be used for legitimate reasons (although their very use has increasingly been a bit of a red flag for authorities). The problem generally arises when such services are used to evade controls or launder the proceeds of illegal activities, which is partly why they’re drawing increasing regulatory scrutiny.

Indeed, crypto laundering is becoming increasingly difficult and law enforcement has been able to follow the trail of ill-gotten digital money and take action even against the operations of crypto mixers.

Articles You May Like

Watch out for survey scams – Week in security with Tony Anscombe
Threat Actor Claims Responsibility For IBM and Stanford University Hack
Cyberattacks: A very real existential threat to organizations
It’s Social Media Day! Here’s How to Protect Yourself From Social Engineering Online
Do back offices mean backdoors?

Leave a Reply

Your email address will not be published.