An international effort involving law enforcement authorities from the US, Germany, Belgium, Poland and Switzerland has cracked down on the cryptocurrency platform ChipMixer that allegedly helped obfuscate the digital money trail for online drug dealers, as well as Russian and North Korean state-backed hacker groups.

The platform’s infrastructure has been shut down on March 15, with the authorities seizing four servers and about 1909.4 Bitcoins (approx. 44.2 million euros).

“ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialised in mixing or cutting trails related to virtual currency assets. The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud. Deposited funds would be turned into “chips” (small tokens with equivalent value), which were then mixed together - thereby anonymising all trails to where the initial funds originated,” Europol said in a press release.

According to the agency, ChipMixer was also used by ransomware gangs such as Zeppelin, SunCrypt, Mamba, Dharma and Lockbit to launder ransom payments. It is estimated that some 152 000 Bitcoins in crypto assets were laundered through the service, with the large portion of funds connected to darkweb markets, ransomware groups, illicit goods trafficking, procurement of child sexual exploitation material, and stolen crypto assets.

The US authorities have charged Minh Quốc Nguyễn, 49, a Vietnamese man allegedly behind the platform.

The US Department of Justice also alleges that ChipMixer processed more than $700 million in stolen funds, including crypto assets stolen in the hacks of cryptocurrency platforms Ronin Bridge and Horizon Bridge, which were allegedly perpetrated by North Korean state-backed threat actor known as Lazarus Group.

Last May, the US authorities sanctioned virtual currency mixer Blender.io and then in August targeted the mixer Tornado Cash. In mid-August, the Dutch police arrested a 29-year-old developer behind the Tornado Cash service.