How Criminals Launder Cryptocurrency Proceeds Through Cryptocurrency Mixing
Have you ever heard of cryptocurrency mixing services? Marketed as a privacy tool for everyday users, these services can unfortunately be a tool for criminal activity. While they encompass legitimate use cases and truly enhance user privacy, they can also become a haven for criminals seeking to launder money derived from illegal activities.
Today, we examine mixing services closely, how they leverage blockchain technology to obfuscate transactions, and how criminals use them to launder money from illegal activities. We’ll also explore a recent case involving Samourai Wallet, a mixing service shut down by authorities for its role in processing over $2 billion in suspicious transactions.
Mixing Up Money: How Does it Work?
Imagine taking a bunch of colored coins, throwing them all into a bag, shaking it up vigorously, and then distributing the coins to different people. That’s essentially what a cryptocurrency mixing service does but on a much more complex digital scale.
Traditional currencies leave a clear audit trail, with every transaction meticulously recorded by banks and financial institutions. However, cryptocurrency transactions, while recorded on a public ledger called a blockchain, can be traced back to specific digital wallets if the wallet addresses are known. Illicit actors continuously aim to make this possibility difficult for investigators. This is when they resort to mixing services.
Mixing Procedure
- User Deposits: Users seeking to enhance their privacy send their cryptocurrency (usually Bitcoin) to the mixing service.
- Batching: The mixing service accumulates funds from multiple users until a critical mass is reached, creating a large pool of combined cryptocurrency.
- Mixing Techniques: There are two main techniques used for mixing:
- CoinSwap: This method involves creating multiple temporary addresses for each user’s funds. The service then shuffles these temporary addresses and distributes the user’s original amount to a different, new address they control. This effectively breaks the link between the user’s original deposit address and the address that receives the “cleaned” cryptocurrency.
- CoinJoin: This technique leverages a more collaborative approach. Users with similar transaction amounts combine their funds into a single, larger transaction. The transaction is then broken down and distributed back to the participating users, but with each user receiving their original amount from a different source within the larger transaction. This makes it nearly impossible to trace the origin of the funds back to any individual user.
- Fee Collection: The mixing service charges a fee for its anonymization services, typically a percentage of the amount being mixed.
- Distribution: Once the mixing process is complete, the “cleaned” cryptocurrency is sent to the new addresses designated by each user.
Why is Mixing a Threat?
While some users might be drawn to the anonymity mixing services offer for legitimate reasons, such as protecting their financial privacy from public scrutiny, this very feature attracts criminals. They can use mixing services to “clean” money obtained through illegal activities like:
- Darknet Marketplaces: These online platforms operate in the dark web, a hidden part of the internet not accessible through traditional search engines. Here, criminals can buy and sell a wide range of illegal goods and services, including drugs, weapons, and stolen data. Mixing services can be used to anonymize the proceeds from these illicit sales.
- Cybercrime: Hacking, phishing schemes, ransomware attacks, and other cybercrime activities all generate illicit profits. Criminals can leverage mixing services to launder this stolen money and avoid detection by law enforcement.
- Sanctions Evasion: Countries or individuals facing financial sanctions may use mixing services to bypass restrictions on their ability to move money around the world.
Samourai Wallet: $100 million of untraceable criminal proceeds
In a recent crackdown on illicit cryptocurrency activity, the U.S. Department of Justice charged the founders of Samourai Wallet, a popular mixing service, with money laundering and operating an unlicensed money-transmitting business. Investigators allege that Samourai processed over $2 billion in transactions, with more than $100 million suspected to be criminal proceeds.
What’s particularly concerning is how Samourai allegedly offered features specifically designed to make tracing funds even harder, beyond the standard mixing techniques:
- Whirlpool: This service took the coin shuffling concept to a whole new level. It employed a complex, multi-stage mixing process that involved multiple rounds of CoinSwaps, making it even more difficult to untangle the origin of the funds.
- Ricochet: This feature added unnecessary intermediate transactions to a user’s request. Imagine wanting to send money from point A to point B. With Ricochet, the service would route the transaction through multiple additional addresses (hops) before it finally reached its destination. This extra layer of obfuscation further clouded the trail for investigators.
Law Enforcement Taking Down Samourai Wallet
Law enforcement agencies announced on April 24, 2024, an indictment against the founders and operators of Samourai Wallet with charges of money laundering and conspiracy to operate an unlicensed money-transmitting business. The government bodies identified elements suggest the company may have intentionally marketed itself toward criminals
According to the indictment, social media posts by Samourai allegedly discussed their services’ appeal to those seeking to avoid financial regulations or sanctions. This suggests the company may have been aware of, or even encouraged, the use of their platform for criminal activity.
The indictment further details how Samourai’s marketing materials allegedly acknowledged a customer base likely involved in “Dark/Grey Markets,” a term often used to describe areas of the online economy that operate in a legal gray area or outright facilitate illegal activities.
Law enforcement authorities took decisive action to disrupt the operations of Samourai Wallet. This includes:
- Seizing Web Servers and Domain: By seizing Samourai’s web servers and domain (https://samourai.io/), investigators effectively shut down the company’s online presence. This made it difficult for new users to access the service and hindered the ability of existing users to continue using it.
- Mobile App Takedown: Authorities also coordinated with the Google Play Store to remove the Samourai Wallet mobile application. This prevented users from easily downloading and installing the app on their smartphones, further hindering access to the mixing service.
- International Cooperation: The investigation and takedown of Samourai Wallet involved collaboration between various law enforcement agencies. The U.S. Department of Justice worked alongside the Internal Revenue Service Criminal Investigation (IRS-CI), the Federal Bureau of Investigation (FBI), Europol (the European Union’s law enforcement agency), Portugal’s Judiciary Police, the Icelandic Police, and others. This international cooperation demonstrates a growing commitment to combating cryptocurrency-related crime.
While cryptocurrency offers exciting possibilities for financial transactions and innovation, it’s important to be aware of the potential risks, especially when it comes to mixing services. Understanding how these services work and the red flags associated with them is essential to detecting criminal activity and securing assets.
Law enforcement displayed efficiency with the tackling of Samourai Wallets, and earlier with the sanctioning of TornadoCash. Nonetheless, many services surface every day in the cryptocurrency industry with an appeal to criminals seeking to conduct new illicit acts and hinder investigators on their trace. By staying informed about cryptocurrency obfuscation techniques, law enforcement can bring harmony to a digital financial world.