• Illicit addresses make up 23% of funds sent to mixers so far in 2022, up from 12% in 2021
  • Groups associated with the North Korean government send about half of the funds to mixers

More money transferred to crypto mixing services in 2022 comes from addresses associated with illicit activity, as government agencies may be forced to take action against non-compliant mixers or impose more penalties.

The 30-day moving average of value received by mixers hit an all-time high of nearly $52 million worth of crypto on April 19, according to a Chainalysis report released Thursday. This figure is roughly double the volume entering at the same time in 2021.

Perhaps most notably, the blockchain data platform revealed, illicit addresses account for 23% of funds sent to mixers so far in 2022, up from 12% last year.

Mixers or tumblers, such as Tornado Cash, are services that provide users with the ability to conceal the transaction history of certain cryptocurrencies by bundling and mixing them with other users’ funds. Industry observers have noted that while they can be used for illegal activities, many believe it is a crucial tool for financial privacy.

Nearly 10% of all funds sent from illicit addresses are sent to mixers, according to the report. No other type of address, such as those associated with various types of exchanges or gaming platforms, achieved a 0.3% send share.

Russian darknet market Hydra accounts for half of all funds transferred to these services by sanctioned entities this year, according to Chainalysis. Almost all of the remaining funds going to blenders are Lazarus Group and Blender.io, associated with the North Korean government, accounting for around 30% and 19%, respectively.

Chainalysis research director Kim Grauer said the report’s most striking point was the sharp increase in the use of mixers by cybercriminal groups linked to North Korea.

“This alone is driving a massive increase in blender use this year and demonstrates that regulators and law enforcement should have the tools and resources they need to better understand the national security risks that pose the mixers and investigate illicit activity,” she told Blockworks.

Forbes reported in February that Chainalysis had a “previously secret investigative tool” capable of unmixing transactions related to the 2016 DAO hack and tracking their output across four exchanges.

Tuesday’s report noted that Chainalysis “continues to refine the ability to unmix select mixed transactions and see users’ original funding source.”

Grauer declined to comment on the company’s unmixing capabilities.

Several mixers – including Tornado Cash – and other decentralized financial platforms leverage privacy-preserving technology, such as zk-SNARK, to ensure anonymity remains intact, said Travis Hoyt, director of NetSPI technology.

“If Chainalysis can in fact reverse or infer transactions protected by this type of technology, it would challenge some of the fundamental mechanics of how some blockchains work, as well as some of the mixing and [decentralized finance] platforms,” Hoyt told Blockworks.

Fight against the use of mixers for illegal activities

The hacker who exploited the Ronin network for around $625 million in March initially transferred thousands of Ether to Tornado Cash.

Also that month, federal prosecutors in Florida seized around $34 million in crypto and German authorities confiscated around $25 million in bitcoin. The suspected criminals in both cases used mixing services to hide the transactions.

More recently, around a third of the $100 million stolen last month from Horizon Bridge – a cross-chain interoperability platform between Ethereum, Binance Smart Chain (BSC) and Harmony blockchain networks – was also transferred to a Tornado Cash address.

Grauer said mixers in the United States, like other crypto companies, are required to register as Money Services Businesses (MSBs) under the Financial Crimes Enforcement Network.

Tornado Cash is an immutable smart contract, not a business, but the service includes a compliance tool, which allows any legal user to prove the origin and destination of funds if required by law enforcement.

The right to privacy is enshrined in Article 12 of the United Nations Human Rights Declarations and its preservation is a natural concern of any user of a public and immutable blockchain.

But Chainalysis is not aware of any mixers that currently comply with the anti-money laundering and anti-terrorist financing regulations that ESMs are subject to in most jurisdictions, Grauer added.

“Increased use by nation-state actors in particular may lead government agencies to take action against non-compliant mixers or even to impose sanctions, as they have done in the past,” said said Grauer.

The US Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Hydra in April, adding more than 100 of its crypto addresses to the specially designated national list as identifiers. In May, OFAC sanctioned virtual currency mixer Blender.io.

“These platforms are border-agnostic, and although [US] frameworks may apply to some citizens and the legal jurisdictions they are in, they will not apply to all,” Hoyt said. “That means trying to regulate them could be very difficult.”


Get the best crypto news and insights of the day delivered to your inbox each evening. Subscribe to Blockworks’ free newsletter now.


  • Ben Strack

    Ben Strack is a Denver-based journalist who covers macro and crypto-native funds, financial advisors, structured products, and the integration of digital assets and decentralized finance (DeFi) into traditional finance. Prior to joining Blockworks, he covered the asset management industry for Fund Intelligence and served as a reporter and editor for various local Long Island newspapers. He graduated from the University of Maryland with a degree in journalism. Contact Ben by email at [email protected]

About The Author

Related Posts