Police shut down dark web crypto laundering service linked to FTX hack

An international coalition of law enforcement agencies announced on Wednesday that it had taken down the popular dark web crypto laundering service ChipMixer, seizing more than $46 million in crypto and terabytes of server data.

The service, for example, was used last year by the attacker who stole funds from the now failed crypto exchange FTX, as well as by several ransomware groups.

“The platform and the criminal content have been seized,” ChipMixer’s website now reads.

“The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud,” Europol wrote in a press release. “Deposited funds would be turned into ‘chips’ (small tokens with equivalent value), which were then mixed together – thereby anonymizing all trails to where the initial funds originated.”

Image Credits: ChipMixer

ChipMixer launched in mid-2017 and, according to Europol, it was allegedly used to facilitate the laundering of 152,000 Bitcoins, worth almost $2.5 billion. Europol spokesperson Ina Mihaylova told TechCrunch that “the estimation is based on the average price of the bitcoin for the last 5 years as the figure refers to this time period.”

Blockchain analysis firm Elliptic estimates that ChipMixer has been used to launder over $844 million in Bitcoin, “including at least $666 million from thefts,” according to Tom Robinson, the company’s co-founder and chief scientist.

“ChipMixer was one of a variety of mixers used to launder proceeds of hacks perpetrated by North Korea’s Lazarus Group. The mixer has also been used by ransomware gangs and darknet drug vendors,” Robinson said in an email.

The service was popular with hackers, as it was used by ransomware groups such as LockBit, Mamba and SunCrypt, according to Europol.

The operation was coordinated by Europol working with Belgium’s Federal Police; Germany’s Federal Criminal Police Office and General Prosecutors Office Frankfurt-Main; Poland’s Central Cybercrime Bureau; Switzerland’s Cantonal Police of Zurich; and in the U.S. the Federal Bureau of Investigation and ICE Homeland Security Investigations.

Corrected the value of laundered bitcoin as billions, not millions, due to an editor’s error. ZW


Do you have more information about crypto hacks or crypto mixing services? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.