Chain Hopping: The Future of Crypto Money Laundering

Cross-Chain Bridges: The Good, the Bad, and the Ugly

It may be difficult to envision this in 2023, but blockchains once operated like distinct islands. The lack of interconnectedness was finally resolved with the advent of cross-chain bridges, software applications that enable transactions to occur between various blockchains. Through cross-chain bridges, users could now gain access to other blockchains regardless of what coins they held without exposure to the price fluctuations of the destination network’s native token. By enabling communication between once-isolated blockchains, cross-chain bridges play an instrumental role in driving interoperability in what would otherwise be a fragmented landscape in the world of decentralized finance (DeFi). 

Unfortunately, cross-chain bridges are also helpful to cybercriminals. For instance, a ransomware group that demands a ransom in Bitcoin may use cross-chain bridges to convert the currency into other cryptocurrencies – a phenomenon known as chain hopping. Cybercriminals typically do not even prefer the new coins but are merely trying to obfuscate the trail of illicit funds and make it that much more difficult for authorities to track them. 

Ethereum is the most popular blockchain for DeFi, and the amount of Tether on Ethereum has been surpassed by Tether on Tron. Criminals, like legitimate users, prefer Tether on Tron’s operating system due to its stability, low fees, and high speed.

A simple analogue for chain hopping in the real world is when criminals launder their money through multiple small businesses such as laundromats or car wash services. Just like these criminals, cybercriminals are trying to walk away with clean assets that cannot be tied to their original crimes. Chain hopping is extremely prevalent and is expected to grow only further.

The Evolution of Chain Hopping 

Chain hopping, like crypto crime, is ever-evolving. Born out of the desire to minimize transaction fees and accelerate transaction speeds, cybercriminals are turning to layer 2 solutions such as side chains or state channels for cross-chain laundering. For example, criminals may transfer cryptocurrency from Ethereum to Tron, at which point they will further obfuscate the trail through additional conversions within the Tron DeFi ecosystem. Smart contracts platform Avalanche is also attracting cybercriminals for similar reasons. With over 1,375 validators, the average transaction is confirmed in just .79 seconds, all with low transaction fees. 

Cross-change bridges are inherently anonymous. Unlike the blockchains themselves, which may have some form of governance, cross-chain bridges may be developed and used by anyone. Criminals, in short, don’t have to submit to any centralized intermediary or go through any trusted party. They simply move the stolen funds seamlessly and efficiently.

Criminals are increasingly turning to privacy-centric bridges that play on these strengths. Examples include Thorchain and Secret Network, which provide additional features, protocols, or algorithms that enhance anonymity. Another privacy-centric bridge, Incognito, uses zero-knowledge proofs to mask transaction details. Now criminals can privately send and receive any of the 100 supported cryptocurrencies across different blockchains, further obscuring the flow of funds. Incognito has transported $250 million across 6 million transactions, an untold number of which is certainly criminal activity as legitimate users would not go to such great lengths to hide their identities. 

One cheaper and more convenient alternative to chain hopping is leveraging DeFi aggregators. 1inch, Curve Finance, Uniswap, and other aggregators facilitate the anonymous swapping of cryptocurrencies. Because swapping makes it challenging for law enforcement to trace the flow of funds, DeFi aggregators have been used extensively for laundering. A staggering $1.2 billion has been laundered in this way, with 1-inch, Curve, and Uniswap being the top three aggregators of choice. But this door may be closing. Some aggregators are proactively implementing know-your-customer or anti-money-laundering verifications to prevent cyber criminals from using their platforms. Uniswap, for instance, now requires KYC when using Moonpay. 

DeFi mixers are similar to aggregators, but they escalate the obfuscation. Built on smart contracts, DeFi mixers pool funds from multiple users, mix these cryptocurrencies and distribute them to different addresses. These additional complications create an additional layer of anonymity and hinder the identification of either the source or the destination. Mixers are being increasingly targeted by authorities for their role in money laundering. In March 2023, American and German authorities took down a mixer that had facilitated Bitcoin laundering in the billions of dollars.  

The Future of Laundering via Chain Hopping

The advantages of laundering through DeFi over centralized finance (CeFi) are obvious but may be worth stating again. DeFi provides criminals with more anonymity, as it is based on pseudonymous addresses and smart contracts. CeFi, in contrast, requires KYC and AML verification of users. DeFi transactions are also faster because there are no intermediaries, while CeFi transactions will be slower due to numerous checks and safeguards. Finally, DeFi may be more inclusive to criminals, in a manner of speaking. Criminals in markets with less developed financial systems may easily launder through DeFi, compared to CeFi, which may restrict access with compliance requirements. 

Because DeFi affords criminals the advantages of anonymity, access, and speed, tracing funds across chain hopping is difficult. However, this was not always the case. Before the rise of cross-chain bridges, users moved funds across blockchains via custodial token swap services, centralized exchanges, and trading services. As legitimate businesses, these organizations had AML and KYC processes in place, making it harder for criminals to use them for cashing out. In the event they did, investigators also found it easier to trace these transfers because they did not occur in real-time. The emergence of instantaneous transfers via cross-chain bridges has made it difficult for authorities to track and trace the flow of money across blockchains.

If the innovation of cross-chain bridges gave criminals the upper hand, the innovation of cross-chain blockchain analytics is restoring some of that advantage to authorities. Because these tools enable traceability, visualization, transaction analysis, and ultimately the detection of suspicious activity, investigators can identify anomalies and patterns, trace the flow of funds, and provide visual representations of this movement.

In addition to the rise of cross-chain blockchain analytics, token transparency initiatives are gaining steam. Just as blockchain activity may be visible in a public explorer, token transparency initiatives aim to achieve the same visibility and traceability for cross-chain transactions. This visibility will make it harder for criminals to launder funds across multiple blockchains, in the same way that KYC and AML once did on centralized exchanges.

Slowing the Rising Tide of Chain Hopping

Providers of blockchain analytics tools and cross-chain bridges are more frequently collaborating in terms of information sharing, data analysis, and joint research to mitigate the risks associated with cross-chain transfers, especially any that may represent laundering. For their part, cross-chain bridges are also integrating regulatory compliance tools, such as transaction monitoring and suspicious activity detection, to prevent illicit activities. These systems flag potentially illicit transactions passing through cross-chain bridges for further investigation or action. With these initiatives, chain hopping will continue for the foreseeable future, but investigators will be better equipped to track criminals, following their flow of funds from blockchain to blockchain until they are caught digitally red-handed.