Crypto mixers – services that exist to increase the anonymity of crypto users – are more popular than ever, while illicit addresses account for 23% of funds sent to mixers so far this year, a new report from blockchain intelligence firm Chainalysis has found.
The 23% number for these seven months of 2022 marks a rise from 12% in 2021, claims the firm.
That said, according to the report, “mixers are receiving more cryptocurrency than ever in 2022.” The use of crypto mixers has increased significantly this year, with the 30-day moving average of total value received by mixers reaching an all-time high of USD 51.8m on April 19.
The number represents roughly a doubling of the incoming volume at the same time last year, the report said.
Meanwhile, a large and increasing share of the funds sent to mixers stem from activities Chainalysis defines as “illicit.” The share of mixer usage defined as illicit has nearly doubled since last year, and these activities now represent the main driver for the increase in mixer usage, Chainalysis wrote.
While there are “legitimate reasons” to use mixers – for example, financial privacy for people living under oppressive governments – said the report, “mixers’ core functionality, combined with the fact that mixers rarely if ever ask for KYC [know your customer] information, makes them naturally attractive to cybercriminals.”
It added that,
“In fact, nearly 10% of all funds sent from illicit addresses are sent to mixers — no other service type cracked a 0.3% mixer sending share.”
Major sources of the funds sent to mixers were regular centralized exchanges and decentralized finance (DeFi) protocols, the report said.
Chainalysis found that funds from “sanctioned entities” made up the majority of the illicit use of mixers in the second quarter of this year. The category includes entities that would have fit into other categories prior to being sanctioned, with the Russian darknet market Hydra pointed to as one example.
The Hydra marketplace, which was sanctioned in April 2022, accounted for 50% of all funds sent to mixers from sanctioned entities this year, the report said.
It added that the remaining 50% largely came from the two North Korean hacker groups, Lazarus Group and Blender.io.
In April this year, the US FBI claimed that the Lazarus Group was behind Axie Infinity’s Ronin Bridge hack. Furthermore, in late June, blockchain analytics firm Elliptic said it had traced funds sent through crypto mixer Tornado Cash, stolen in Harmony’s Horizon Bridge hack, and that their analysis indicates that the hack and subsequent asset laundering are consistent with activities of the Lazarus Group.
The “sanctioned entities” category in the Chainalysis’ report was followed by “stolen funds” as the second-biggest illicit user of mixer services during the quarter.
Notably, Chainalysis also argued that mixers could soon become obsolete as the firm “continues to refine the ability to demix certain mixing transactions and see users’ original source of funds.”