16 March 2023

Police shut down crypto money laundering platform ChipMixer used by hackers and drug dealers


Police shut down crypto money laundering platform ChipMixer used by hackers and drug dealers

An international effort involving law enforcement authorities from the US, Germany, Belgium, Poland and Switzerland has cracked down on the cryptocurrency platform ChipMixer that allegedly helped obfuscate the digital money trail for online drug dealers, as well as Russian and North Korean state-backed hacker groups.

The platform’s infrastructure has been shut down on March 15, with the authorities seizing four servers and about 1909.4 Bitcoins (approx. 44.2 million euros).

“ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialised in mixing or cutting trails related to virtual currency assets. The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud. Deposited funds would be turned into “chips” (small tokens with equivalent value), which were then mixed together - thereby anonymising all trails to where the initial funds originated,” Europol said in a press release.

According to the agency, ChipMixer was also used by ransomware gangs such as Zeppelin, SunCrypt, Mamba, Dharma and Lockbit to launder ransom payments. It is estimated that some 152 000 Bitcoins in crypto assets were laundered through the service, with the large portion of funds connected to darkweb markets, ransomware groups, illicit goods trafficking, procurement of child sexual exploitation material, and stolen crypto assets.

The US authorities have charged Minh Quốc Nguyễn, 49, a Vietnamese man allegedly behind the platform.

The US Department of Justice also alleges that ChipMixer processed more than $700 million in stolen funds, including crypto assets stolen in the hacks of cryptocurrency platforms Ronin Bridge and Horizon Bridge, which were allegedly perpetrated by North Korean state-backed threat actor known as Lazarus Group.

Last May, the US authorities sanctioned virtual currency mixer Blender.io and then in August targeted the mixer Tornado Cash. In mid-August, the Dutch police arrested a 29-year-old developer behind the Tornado Cash service.

Back to the list

Latest Posts

Cyber Security Week in Review: December 8, 2023

Cyber Security Week in Review: December 8, 2023

The world in brief: FSB hackers doxxed, Russian hackers exploit a critical Outlook bug, and more.
8 December 2023
The UK accuses FSB-linked Star Blizzard hacker group of political interference in the UK and globally

The UK accuses FSB-linked Star Blizzard hacker group of political interference in the UK and globally

The UK authorities sanctioned two members of the group.
7 December 2023
Malicious Lockdown Mode attack tricks users into thinking their iPhone is secure

Malicious Lockdown Mode attack tricks users into thinking their iPhone is secure

The tampering technique only works on devices that have already been compromised.
7 December 2023