Crypto mixer usage reached an all-time high in 2022 with a significant contribution from sanctioned entities and cybercriminals with known state affiliations, according to Chainalysis‘ recent report.
The numbers show that the value received by mixers reached its all-time high of $51.8 million on April 19, 2022.
As the value obtained by mixers wildly fluctuates daily, the report considered the 30-day moving averages.
Mixers aim at disconnecting the cryptocurrencies from their depositors. They work by pooling together all the deposited funds and re-distributing at random. Criminals often provide their second wallet address as the receiving end, and only by paying a small service fee they disconnect the stolen amounts from the stealing wallet address.
Why so popular?
Mixers have been seeing an increase in volume every quarter since the first quarter of 2020.
Based on the data, the main reason behind the increase in volume seems like the growing share of centralized exchanges and DeFi protocols.
However, the share of illicit activities has the highest contribution to reaching an all-time high in volume. The percentage of volume entering the mixers through criminal addresses is 23% in 2022, which has increased from 12% in 2021.
Illicit activities have the highest share
Mixers have been developed to provide extra privacy in cryptocurrency transactions. However, they also became a primary tool for crypto-laundering.
According to the numbers, nearly 10% of all funds sent to mixers come from illicit addresses, while the lawful ones are less than 0.3%.
When the 10% illicit volume contributors are examined closely, sanctioned entities and stolen funds emerge as the top two categories.
Sanctioned entities
The below chart clearly displays a significant increase in volume entering the mixers from the wallets of sanctioned entities, especially in the second quarter of 2022.
The report also examined the mixer platforms these sanctioned entities used. The results revealed that the Russian-based darknet market Hydra became the most used platform, accounting for more than half (50.4%) of all funds entering the mixers from sanctioned entities.
Lazarus Group and Blender.io, affiliated with the North Korean government, became the second and third most used platform by sanctioned entities, respectively.
Stolen funds
Next, the report examines the contributors under the category of stolen funds in more detail.
The results revealed that cybercriminals organizations with known state affiliations had been the leading contributors to the category.
It can be seen that Russian-based cybercriminals groups have been significant contributors to the category since 2018. However, it seems like North Korea has improved in the area and surpassed the Russians’ dominance.