Chainalysis Crypto Crime Report Uncovers $14bn in Illicit Crypto Activity

The latest Chainalysis Crypto Crime Report has exposed a staggering $14 billion in illicit crypto activity worldwide. This massive figure is a stark reminder of the growing threat of cryptocurrency-based crime.

According to the report, illicit addresses received a total of $14 billion in cryptocurrency, with a significant portion of it coming from scams, darknet markets, and ransomware attacks. This is a concerning trend that highlights the need for increased vigilance and cooperation among crypto users, exchanges, and law enforcement agencies.

The report also reveals that the most common types of illicit activity involve scams, which accounted for over 70% of all illicit activity, followed by darknet markets and ransomware attacks. These findings emphasize the importance of being cautious when interacting with unknown parties online and using robust security measures to protect one's digital assets.

Ransomware has become a major concern in the world of cryptocurrency, with the average payment size reaching over $118,000 in 2021.

This is a significant increase from 2020, when the average payment size was $88,000. The record $40m payment received by Phoenix Cryptolocker is a stark reminder of the severity of these attacks.

Ransomware is often delivered to victims' devices through malware, which is malicious software installed on systems through devious means.

Ransomware is a serious threat that takes control of a computer system, locking out users until a fee is paid. Malicious software known as ransomware is often delivered to victims' devices through malware.

The average ransomware payment size was over $118,000 in 2021, a significant increase from $88,000 in 2020. This rise is largely due to large payments like the record $40m received by Phoenix Cryptolocker.

Malware is a type of malicious software that hackers use to steal cryptocurrency from individual users. Chainalysis has observed hackers using malware to steal smaller amounts of cryptocurrency from individuals, often targeting deep-pocketed organizations.

These attacks require careful planning and skill, and if successful, hackers need to launder large sums of cryptocurrency. Less sophisticated hackers can take a cheaper "spray-and-pray" approach, spamming millions of potential victims and stealing smaller amounts from each individual tricked into downloading malware.

Many different strains of malware are available for purchase on the Darknet, making it easier for less sophisticated hackers to deploy them against victims.

Colonial Pipeline was hit with a ransomware attack that forced them to temporarily cease operations, leading to panic buying and fuel shortages in several areas of the US.

The attack was carried out by DarkSide, a Russia-based cybercriminal group, and Colonial paid a ransom of 75 bitcoin, worth around $4.4m at the time.

The shutdown lasted almost a week before Colonial was able to resume operations.

The US Department of Justice managed to seize $2.3m worth of Bitcoin from Colonial's ransom payment following an investigation.

Chainalysis tools were used in the investigation to track down some of the funds that had been spread over the blockchain ecosystem.

This incident highlights the growing trend of "big game hunting" by ransomware attackers, who focus on carrying out highly-targeted attacks against large organisations.

Cryptocurrency and money laundering are closely linked, with illicit actors using cryptocurrencies to launder ill-gotten gains. This is because cryptocurrencies are cross-border, virtually instant, and inexpensive to transact.

Illicit money is often introduced into the financial system through cryptocurrencies, making it difficult to track its origin. The process of money laundering in the crypto context is typically associated with cybercriminals attempting to conceal the flow of funds related to on-chain crimes.

Since 2019, nearly $100 billion in funds have been sent from known illicit wallets to conversion services. This includes $30 billion in 2022, largely attributable to transactions involving sanctioned services.

Cryptocurrency is now one of the payment methods used by illicit actors worldwide, requiring law enforcement agencies to extend their expertise beyond specialized cybercrime units. This expertise must encompass both blockchain transaction tracing and a comprehensive understanding of traditional money laundering tactics.

With the right data and tools, investigators can leverage the transparency of blockchain to uncover illicit activity that may otherwise go undetected. This can generate both intelligence signals for proactive lead generation and more concrete evidence of illicit flows in existing investigations.

Chainalysis is seeing a shift away from ransoms paid in bitcoin to monero, a cryptocurrency that offers heightened anonymity.

More and more attackers are demanding victims pay in monero, making it a concern for law enforcement and cybersecurity professionals.

This shift will change the investigative tactics they must employ, as monero's anonymity features make it harder to track transactions.

Attackers are choosing monero due to its privacy-enhancing features, which make it a more attractive option for illicit activities.