The sanction of cryptocurrency mixer Tornado Cash in August caused the first major shift, which is accelerating even faster than projected.
Cybercriminals have accelerated their shift away from crypto mixers for cross-chain bridges over the past year, according to blockchain forensics firm Elliptic.
In June and July, nearly all of the crypto stolen was laundered through cross-chain bridges, with Elliptic’s data showing a complete reversal from the first half of 2022.
In a Sept. 18 blog post, Elliptic explained the cross-chain crime trend is due to the “crime displacement” effect, where criminals move to a new method to carry out the illicit activity when the existing method gets over-policed. However, the shift to cross-chain bridges is rising ahead of their projections.
Proportion of funds laundered between cryptocurrency mixers and cross-chain bridges between January 2022 and July 2023. Source: Elliptic.
Between July and September 2022, the ratio of laundered funds passing through mixers vs. cross-chain bridges flipped, corresponding to the United States Office of Foreign Asset Control’s sanctioning of Tornado Cash in August 2022, said the firm.
Elliptic said many cybercriminals, like the North Korean-backed Lazarus Group, flocked to the Avalanche bridge after the sanctions.
This same bridge was reportedly used recently by the Lazarus Group to facilitate some of the stolen funds in Stake’s $41 million exploit on Sept. 4, according to blockchain security firm CertiK.
Crypto mixers saw a small comeback between November 2022 and January 2023, due to the shutdown of RenBridge, which closed in December after its financer, Alameda Research, collapsed amid FTX’s bankruptcy.
Elliptic estimates that RenBridge facilitated $500 million in laundered funds throughout its operation.
However, shortly after, criminals returned to cross-chain bridges — even more than before.
Chain-hopping via bridges has become one of the most popular money laundering methods for illicit actors. That’s been a problem for crypto investigators — until now. Meet TRM Phoenix — automated cross-chain tracing through 12+ bridges & services: https://t.co/OziATjlO4P pic.twitter.com/7QsLthn180
Elliptic said that criminals may prefer cross-chain bridges as it is difficult for blockchain forensic firms to track illicit activity across chains in a scalable manner.
In addition, many of these stolen tokens are only exchangeable through cross-chain bridges, with most of these decentralized finance services not requiring identity verification, Elliptic explained.
The firm estimates that $4 billion in illicit or high-risk cryptocurrencies have been laundered through cross-chain bridges since 2020.