The decentralized nature of the Bitcoin ecosystem offers many the freedom to transfer assets without the risk of censorship, while malicious actors continue to take advantage of the network’s inherent privacy to move stolen funds. Tornado Cash was the preferred choice for laundering stolen cryptocurrencies by hackers before it was sanctioned by the Office of Foreign Assets Control (OFAC) of the United States Department of the Treasury in 2022.
The Hackers’ Choice Shifts to Bitcoin
According to OFAC, more than $7 billion in crypto assets have been laundered using mixers since 2019 by malicious individuals. However, new data from blockchain security firm CertiK indicates a change in 2023. The data analyzed by CertiK shows that following the increased legal regulatory scrutiny of Tornado Cash, hackers have been seeking other venues to move their illicitly acquired assets, with more than $300 million of the proceeds from the top 50 attacks in 2023 being laundered through Bitcoin.
Crypto mixers are protocols used to keep crypto transactions private. The process anonymizes transfers between wallet addresses by mixing potentially identifiable funds with large amounts of other funds. Joe Green, the head of CertiK’s rapid response team, stated in an interview that while the decentralization and privacy of the Bitcoin ecosystem empower legitimate users, malicious actors can also use it for their benefit, and he explained the process as follows:
“The Bitcoin ecosystem hosts various privacy mixers that serve both privacy-conscious users and malicious individuals. Although this scenario poses a challenge, it is important to accept it as an intrinsic aspect of decentralized systems.”
How Does the Process Work?
The shift to Bitcoin mixers means that malicious actors are looking for a way to evade regulatory sanctions that have impacted platforms like Tornado Cash. CertiK’s analysis showed that Bitcoin mixers like Sinbad, which have also been sanctioned by OFAC, were the tool of choice for the notorious crypto hacker group Lazarus in 2023.
According to the CertiK team, Bitcoin mixers use a different approach to anonymize transactions. Mixers on platforms like Tornado Cash obscure the link between the sender and the receiver. However, the user can only withdraw the amount they add to a new wallet for a fee.
Furthermore, Bitcoin mixers allow users to deposit Bitcoin and distribute it across multiple wallets in varying percentages, making tracking much more complex.
