FIC 2022: How criminals are covering up their crypto-asset transactions

Look for the money rather than the woman. To paraphrase Alexandre Dumas, who had one of the characters in his novel “Les Mohicans de Paris” say that these ladies were at the center of police business, the crypto-asset trail is a crucial element in investigations about ransomware.

For criminals, it is indeed a practical solution to quickly transfer large sums of money. In 2021, suspicious transactions are estimated at around 14 billion dollars, which is, however, a tiny (0.15%) share of this type of exchange.

If the crypto path is so decisive in the investigations, it is thanks to the traceability allowed by the large public registers of blockchains. Far from being anonymous, the use of digital assets is done under the sign of pseudonymity. A trail too fresh that the mafia franchises are trying to cover up. Thus, according to the latest report from the blockchain investigation firm Chainalysis, the use of mixers has increased in 2021.

This type of obfuscation service, intended to break the traceability of crypto-assets by mixing different transactions in a common pot, is not new. But it has been the subject of a noticeable appetite from malicious actors linked to North Korea. According to the company, more than 65% of the funds stolen by them were laundered in mixers, compared to 42% in 2020 and 21% in 2019.

mass problem

However, this passage is seen as increasingly perilous, especially when criminals attempt to move large amounts of assets. The latter “require the participation of many users entering comparable amounts in order to achieve the desired obfuscation”, recalls Kimberly Grauer, the research director of Chainalysis. In other words, a criminal bringing a large volume of dirty money into a mixer would end up exchanging his assets from his left hand to his right hand, which reduces the interest of the maneuver.

This growing use of mixers is also observed by the French cybergendarmes of the Center for the Fight against Digital Crimes (C3N). However, it can be added to other layers of bleaching, according to Captain Paul-Alexandre Gillot. The head of investigations of this unit cites for example the subsequent use of a swapper, these exchanges dedicated to the conversion of one crypto-asset to another. This can pose new problems in the traceability of financial flows. Indeed, while some conversion services respond to legal requisitions, others do not record information about their users.

A problem already known with traditional crypto exchanges. If the majority of them got into the nails like Binance, which has just obtained its registration in France as a digital asset service provider with the Autorité des marchés financiers , there are also “platforms with almost no legal existence hosted on operated servers” in Eastern Europe, notes Paul-Alexandre Gillot. So many black boxes.

No mass migration to privacy coins

As for crypto-currencies specialized in protecting the anonymity of their users, such as Monero, they are struggling to establish themselves. However, it is not for lack of trying, on the side of some cybercriminals. Revil began, during 2020, to request payments in Monero, only accepting bitcoin with a 10% increase in the amount requested. Same thing for Darkside, which asked 20% more for a payment in bitcoin. At Blackmatter, it was even 25%! Prometheus has only ever accepted Monero.

But these “privacy coins” have a big flaw: they are “not as liquid as bitcoin and other cryptocurrencies”, observes Kimberly Grauer. Under pressure from the regulator, trading platforms have withdrawn some of these digital assets from their markets, such as Kraken in the United Kingdom. And in general, with lower trading volumes, these crypto-currencies do not lend themselves well to transactions involving large amounts that are potentially less discreet.

Rather than the use of a single crypto-asset, the C3N investigators also note the use of very many tokens – it is estimated that there are more than 17,000 different crypto-assets. Thus, during a recent seizure, a few months ago, the gendarmes got their hands on the equivalent of three million euros divided between around forty crypto-assets. Far from the classic use case, limited to bitcoin alone, of the first court cases.

We would like to say thanks to the author of this short article for this amazing material

FIC 2022: How criminals are covering up their crypto-asset transactions

Take a look at our social media profiles and other related pages