• Fri. May 24th, 2024

Money Laundering via Mining Pools

Avatar photo

ByContent

Jul 11, 2023
Money Laundering via Mining Pools

The Use of Mining Pools in Money Laundering

According to recent findings, a large exchange (unnamed) received substantial amounts of money from wallets and mining pools associated with ransomware. Approximately $100 million in cryptocurrency was deposited into the exchange’s wallet address, with $19.1 million originating from ransomware addresses and $14.1 million from mining pools.

Evading Detection and Tracing through Mining Pools

Analysts have revealed that the attacker utilized a mining pool to transfer funds to the exchange, circumventing detection of suspicious transactions. By leveraging the mining pool as a cryptocurrency mixer, the source of the funds becomes untraceable. This method allows stolen funds to appear as legitimate mining proceeds rather than proceeds from a ransomware attack.

Analysts acknowledge that exchanges should have the ability to trace such activities. However, attackers may attempt to pass off their own funds as mining proceeds without initially involving a mining pool. This money laundering technique has gained popularity over time. Since 2018, the attacker’s wallet address on the exchange has received a total of $158.3 million from ransomware addresses.

Chainalysis, a leading blockchain analysis firm, reports that nearly $1.8 billion of illicit cryptocurrency has flowed into deposit addresses with a high risk of mining.

To address this issue, experts suggest that mining pools implement a more robust wallet verification process in addition to Know Your Customer (KYC) measures. Rejecting funds from suspicious addresses could effectively deter money laundering activities.

The use of mining pools for money laundering is not an isolated incident. The cryptocurrency pyramid scheme BitClub employed similar tactics until its operators were indicted by the U.S. Department of Justice in 2020, as noted by Chainalysis.

Notably, North Korean hacker group APT43, also known as Archipelago, engages in money laundering through mining. Last year, North Korean hackers managed to steal $1 billion worth of cryptocurrency, with the North Korean General Intelligence Bureau overseeing most of the attacks in the cryptocurrency market. These significant thefts have allowed North Korea to expedite the development of its ballistic missile program, among other initiatives.