The ChipMixer Cryptocurrency Mixer Targeted in International Anti-Money Laundering Operation
German and US authorities, along with Europol, Belgium, Poland, and Switzerland, have conducted a joint investigation targeting the cryptocurrency mixer known as ChipMixer. The operation, executed on Wednesday, led to the takedown of ChipMixer infrastructure and the seizure of four servers, 7TB of data, and 1909.4 Bitcoins (approximately $47.3 million) in 55 transactions.
Seized Funds Linked to Illegal Activities
The majority of the seized funds were found to have connections with dark web markets, stolen crypto assets, ransomware groups, illicit goods trafficking, and the procurement of child sexual exploitation material. ChipMixer, an unlicensed cryptocurrency mixer established in mid-2017, specialized in mixing or cutting trails related to virtual currency assets.
The software developed by ChipMixer threat actors obfuscated the blockchain trail of the funds, allowing cyber-criminals to launder illegal proceeds by turning deposited funds into ‘chips’ that were mixed and anonymized. This process enabled the ‘cleaned’ crypto to be easily exchanged into other cryptocurrencies or fiat currency through ATMs or bank accounts.
Ransomware Actors Leveraged ChipMixer
Europol confirmed that several ransomware actors, including Zeppelin, SunCrypt, Mamba, Dharma, and Lockbit, utilized ChipMixer to launder ransom payments they had received. The takedown operation marks a significant victory in the fight against crypto money laundering and illegal activities.
Expert Commentary
Roger Grimes, a data-driven defense evangelist at KnowBe4, commended the authorities for taking down a crypto money launderer engaged in illegal activity. He noted that while efforts to hide transactions on the public blockchain are increasing, it remains to be seen if criminals will shift to harder-to-track blockchains in the long term.
The operation against ChipMixer comes on the heels of the US national Cryptocurrency Enforcement Team’s arrest of a Russian national suspected of involvement in the dismantling of the dark web Hydra marketplace.