ChipMixer Crypto Laundromat Shut Down By German, US Authorities


The cryptocurrency mixer known as ChipMixer has been targeted by a joint investigation led by German and US authorities with the support of Europol, Belgium, Poland and Switzerland.

Executed on Wednesday, the anti-money-laundering operation took down ChipMixer infrastructure and seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m) in 55 transactions.

Most of the seized funds reportedly had connections with dark web markets, stolen crypto assets, ransomware groups, illicit goods trafficking and procurement of child sexual exploitation material.

“ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, was specialized in mixing or cutting trails related to virtual currency assets,” explained Europol in a blog post published on Wednesday.

According to the law enforcement agency, the software developed by ChipMixer threat actors obfuscated the blockchain trail of the funds. Cyber-criminals aiming to launder illegal proceeds used the infrastructure to turn deposited funds into ‘chips’ that were mixed and anonymized.

“At the end of the process, the ‘cleaned’ crypto can easily be exchanged into other cryptocurrencies or directly into FIAT currency through ATM or bank accounts,” Europol explained.

The agency also confirmed that, because of these features, several ransomware actors, including Zeppelin, SunCrypt, Mamba, Dharma and LockBit, have leveraged ChipMixer to launder ransom payments they have received.


“It’s always a good day when a crypto money launderer engaged in illegal activity is taken down,” commented Roger Grimes, data-driven defense evangelist at KnowBe4. “US authorities and their allies have been aggressively trying to shut down and sanction illegal mixers whenever they can.”

At the same time, the security expert said KnowBe4 noticed a slight increase in mixers relying on improved methods to hide the identities and amounts of transactions from the public blockchain.

“Those efforts make following the money more difficult,” Grimes added. “It’s yet to be seen if criminals will move, en masse, to these harder-to-track blockchains or even if these harder-to-track blockchains are truly, long term, harder to track.”

The ChipMixer takedown operation comes a couple of months after the US National Cryptocurrency Enforcement Team arrested a Russian national suspected of playing a crucial part in the now-dismantled dark web Hydra marketplace.
