Decentralised Exchanges (DEXs), Cross-chain Bridges and Coin Swap Services have been used by criminals and high risk entities to obfuscate at least USD$4 billion-worth of illicit crypto proceeds, according to a report by Elliptic.
The Elliptic Cross-Chain Report 2022 analyses a range of crypto-related illicit activity to determine the ways in which these services have been exploited. The criminal activity mentioned includes hacking, dark web markets, online gambling, Ponzi Schemes, ransomware attacks and illicit virtual asset services.
DEX platforms use smart contracts to enable cross-asset swaps, so users can move assets across different blockchains efficiently. These users may use the swapping services for legal or illegal uses. Swapping stolen assets for a token with higher trading volumes, such as Ethereum using a DEX is the most common swap used by criminals.
A Cross-chain Bridge is another service which enables users to exchange tokens from one blockchain to tokens on another. For example, a user can exchange Bitcoin from the Bitcoin Blockchain to Wrapped BTC (wBTC), which is on the Ethereum Blockchain enabling value in BTC to be used with ETH compatible services.
From January to July 2022, USD$1.2 billion worth of cryptoassets were stolen across eight cross-chain bridge exploits. Bridging has been used by criminals to add another level of transactions to seek to disguise their activities and to access services not available on the blockchain where the criminal proceedings originated. Of course the publicly visible nature of the blockchain means tracking services like Elliptic and Chainalysis can identify these movements in aggregate and hone in on illicit wallets and the identity of criminals over time.
More than USD$750M of illicit funds has been laundered through cross-chain bridges, according to Elliptic, with thefts comprising the largest amount.
Finally, Coin Swap Services allow users to swap cryptoassets for other tokens, which may be either on the same or on a different blockchain. Coin Swap Services generally do not require users to create accounts, nor do they verify customer identities. Many are advertised on illicit cybercrime forums.
Elliptic say that Coin Swap Services have been used to launder more than USD$1.2B of illicit crypto assets and are mainly utilised by dark web services and illicit virtual asset services.
Currently, Virtual Asset Service Providers (VASPs) use screening services like Elliptic and Chainalysis to determine whether tokens they receive originate from a wallet addresses associated with illicit activity, a form of "know your transaction" which may prove more effective than existing "know your customers" since it is impossible to hide the history of public blockchain assets.
Legacy screening solutions such as "know your customer" do not permit this level of monitoring at all, and holistic screening is used to monitor multiple chains and identify illicit cross-chain hops.
This kind of monitoring will undoubtedly help in dispelling the persistent but mistaken myth that crypto-assets are a 'wild west' and filled with fraud and scams. The crypto-asset space continues to grow and be used, in over 99% of transaction volume, for entirely legitimate purposes and pending regulation of centralised entities should only help dispel this myth further.
댓글