By Nermeen Nabil Khear 
Crypto mixers are one of the most controversial offerings within the blockchain sector. Also known as tumblers, these platforms receive cryptocurrency from users, and then mix together funds before sending them out to recipient addresses.
Tornado Cash is one of the most well-known cryptocurrency mixing protocols. Tornado Cash was developed in 2019 to obfuscate digital asset transfers.
The Office of Foreign Assets Control (OFAC) officially sanctioned Tornado Cash in August 2022. It was revealed that North Korean hacking consortium Lazarus Group had used the protocol to launder around $455 million in illicit funds.
A new report from Chainalysis found that mixing services routinely captured between 10% and 15% of ransomware quarterly money laundering flows.
Mixers Being Used Less By Ransomware Actors
While this may be the case, crypto mixers are being used less by criminals. Chainalysis’s report shows a substantial decline in the use of mixers in 2024.
According to the findings, ransomware funds primarily flowed through centralized exchanges (CEXs), personal wallets and cross-chain bridges.
Jacqueline Burns Koven, head of cyber threat intelligence at Chainalysis, told Cryptonews that the decline in the use of mixers suggests a few key points.
“Either bad actors no longer have trustworthy mixers to use, or they’re employing less sophisticated laundering strategies – or both,” Burns Koven said.
She added that it’s possible ransomware actors aren’t sure where to turn following recent law enforcement actions against mixers.
Ari Redbord, global head of policy at TRM Labs, told Cryptonews that he isn’t surprised by the decline in mixer usage among ransomware groups due to the global crackdown on services like Tornado Cash and Sinbad.
“But ransomware gangs adapt,” Redbord said. “They have now turned to cross-chain bridges, allowing them to move funds across different blockchains while obfuscating the origin of transactions.”
Cross-Chain Bridges and CEXs Used By Criminals
Indeed, Chainalysis’s findings show that ransomware actors increasingly rely on cross-chain bridges for off-ramping.
Cross-chain bridges are used to facilitate the transfer of funds across different blockchains. This strategy allows criminals to spread illicit funds over a broad array of services and deposit addresses.
This complicates detection efforts by law enforcement and compliance teams at exchanges. In addition, spreading assets across multiple addresses can mitigate risks associated with any single address being frozen due to suspicious activities.
In contrast, CEXs continue to be a mainstay of the ransomware offramping playbook. According to Chainalysis, last year saw a slightly above-average reliance on these types of services – 39% versus 37% for the period between 2020 and 2024.
Most recently, French authorities opened a money laundering investigation into Binance, the world’s largest cryptocurrency exchange. French authorities believe there are alleged violations of anti-money laundering and terrorist financing laws taking place on the exchange.
Criminals Hold Funds in Personal Wallets
It’s also worth noting that substantial volumes of illicit funds are being held more often in personal wallets.
The Chainalysis report notes that ransomware operators – a primarily financially motivated group – are abstaining from cashing out more than ever before.
“Ransomware actors may be holding funds for longer in personal wallets because finding liquidity to cash out is becoming more difficult, especially following major law enforcement takedowns of no-KYC exchanges last year,” Burns Koven said.
A number of no-KYC (Know Your Customer) exchanges were shut down last year. On September 19, 2024, the German Federal Criminal Police (BKA) seized the infrastructure of 47 Russian-language no-KYC cryptocurrency exchanges.
On May 14, 2024, all trades on the peer-to-peer exchange LocalMonero were disabled. LocalMonero was once known as “a cornerstone of the no-KYC Monero ecosystem.”
Criminals Will Soon Leverage AI Agents
While mixers, cross-chain bridges and CEXs are commonly used by bad actors to remain discreet, artificial intelligence (AI) agents may soon play a role.
According to Redbord, the increasing integration of AI-driven automation in ransomware attacks now poses a major threat.
He believes that the advent of AI agents capable of autonomously identifying vulnerabilities and executing attacks presents a new dimension of cybercrime.
“This enables faster, more precise targeting of victims and quicker encryption of systems,” he said. “For example, ransomware group supercharge attacks may soon occur by removing the human bottleneck.”
Redbord further warned that autonomous AI agents could one day replace human intermediaries by independently identifying and exploiting vulnerabilities.
“Autonomous AI systems could entirely eliminate the need for human hackers, enabling widespread attacks at a scale previously unimaginable, with dire economic and security implications,” he said.
Preparing For Future Attacks
In order to prepare for such attacks, Redbord noted that law enforcement, national security agencies and the crypto ecosystem need to leverage the same technology to fight back.
“We need to adopt AI-driven detection tools and blockchain intelligence to identify and mitigate emerging threats from AI-enabled criminals,” he said. “Collaboration between law enforcement and the private sector will also be critical in detecting illicit activity, disrupting cybercriminal networks, and ensuring the security of digital financial systems.”
The National Cryptocurrency Enforcement Team (NCET) that was established in the US in February 2022 helps combat cybercrime and money laundering.
However, the US Securities and Exchange Commission (SEC) is reportedly downsizing the crypto enforcement unit of over 50 lawyers and staff, which may present challenges in combating crypto crime moving forward.
As AI-driven tactics continue to evolve, regulators and the broader crypto community must stay vigilant to counter these growing threats.
The post Crypto Mixers Used Less By Ransomware Criminals, AI Agents Pose New Threat appeared first on Cryptonews.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.