Cybercriminals are continually finding new ways to exploit vulnerabilities in the digital landscape. Blockchain analysis firm @Chainalysis revealed an interesting trend in their blog post, according to which these malicious actors are now turning to crypto mining pools as a means of money laundering – instead of mixers.
This shift in strategy has caught the attention of experts, as it poses new challenges for law enforcement agencies and highlights the evolving tactics employed by cybercriminals.
Traditionally, cybercriminals relied on cryptocurrency mixers or tumblers to obscure the origin of illicit funds. These services allowed them to shuffle cryptocurrencies among multiple addresses, making it difficult to trace the money trail. However, with increased scrutiny on these mixing services and advancements in blockchain analytics, criminals have adapted their methods.
Now, according to Chainalysis, cybercriminals have started exploiting crypto mining pools in a quite elegant way to wash their ill-gotten gains. Mining pools are collaborative networks where many smaller participants combine their computing power to mine new cryptocurrency blocks more effectively. The reward for the found blocks (consisting of the network's block subsidy and fees) is paid to the pool operator, which then distributes it among all the participants according to their share in the pool. This legitimate operation allows cybercriminals to blend their tainted funds with clean funds generated through mining activities.
Source: Chainalysis
By participating in mining pools, cybercriminals can deposit their illicitly obtained cryptocurrencies alongside legitimate mining rewards to the pool. The mixing occurs when these pooled funds are distributed back to all the participants, making it challenging to trace the original source of the funds. This technique effectively disguises the illicit origins of the funds and makes it harder for investigators to follow the money trail.
"This may represent a sophisticated attempt at money laundering, in which the ransomware actor funnels funds to its preferred exchange via the mining pool in order to avoid triggering compliance alarms at the exchange," — Chainalysis.
The use of crypto mining pools as a mixer-like laundering mechanism by cyber criminals highlights once again these malicious actors' adaptability. It presents a new layer of challenges for law enforcement agencies in this perpetual arms and defense race. Also, the dynamic nature of mining pools and their constant evolution make it difficult to implement effective regulatory measures.
Obviously, fighting these new practices involves further proliferation of stricter KYC procedures and enhanced transaction monitoring. It also gives us a reason to expect new sanctions and lawsuits from regulators in the foreseeable future, this time against the mining pools.