Cyber-Criminals Are Using Mining Pools to Launder Crypto

Written by

Cyber-criminals are increasingly diverting the proceeds of crime to crypto mining pools in order to obfuscate their origin, according to Chainanlysis.

The blockchain analysis firm said that mining pools, which enable groups of miners to combine their computational resources, are being used as de facto mixers by these malicious actors.

Read more on crypto-enabled crime: Nearly $9bn Laundered in Cryptocurrency in 2021.

“In this scenario, the mining pool acts similarly to a mixer in that it obfuscates the origin of funds (reminder: you can’t trace crypto through services, mining pools included) and creates the illusion that the funds are proceeds from mining rather than from ransomware,” Chainalysis explained in a blog post.

“Our data suggests that this abuse of mining pools by ransomware actors may be rising. Since the start of 2018, we’ve seen a large, steady increase in value sent from ransomware wallets to mining pools.”

In fact, tens of millions of dollars’ worth of crypto have been sent from ransomware addresses to mining pools each quarter over the past year or so, the firm revealed.

Chainalysis said it’s also seeing large volumes of digital money moving from ransomware wallets to exchange deposit addresses that receive significant funds from mining pools.

“It’s possible that in cases like these, ransomware actors are trying to pass off their own funds as mining proceeds, even though they’re not first moving the funds through a mining pool,” it added.

Some 372 exchange addresses with heavy exposure to mining pools have received $158m from ransomware addresses since the start of 2018, which is a large share of the total value sent to all exchanges by all ransomware addresses over that period, the blockchain analysis company claimed.

Not only ransomware actors but also crypto scammers are using mining pools to launder their funds, the report added.

Chainalysis argued that this is a “solvable problem,” if mining pools and hashing services are more rigorous about wallet screening – rejecting crypto coming from addresses linked to criminal activity. Exchanges should also consider more carefully the full exposure profile of wallets sending funds to them, by using publicly available “know your transaction” tools, it concluded.

What’s hot on Infosecurity Magazine?