2022 Hits All-Time High For Crypto Crimes; Russian sanctions, North Korean hackers lead the pack

While 2022 was another big year for crypto adoption (with global ownership growing by 39%), it was also an industry record year for a less desirable factor: crime.

Crypto-related crime reached an all-time high in 2022, according to blockchain data platform Chainalysis, cumulatively reaching $20.6 billion in illicit funds transferred. This marks a growth of 15% from 2021, and a 145% increase from just two years ago.

This growth was fueled by both highly sophisticated crimes – such as the high-profile Axie Infinity Ethereum ETH hack – and fairly simple ones, such as impersonators who scam brands to send their crypto funds believing they are helping important people, government officials, or romantic partners.

However, the largest segment of increasing “crime” was not traditional crime, but sanctions by the Office of Foreign Assets Control (OFAC) against entire crypto exchanges known for money laundering and illegal services. Combined, the volume of transactions on these exchanges – primarily darknet market Hydra, decentralized mixer Tornado Cash and Russia-based cryptocurrency exchange Garantex – accounted for 43% of all criminal activity recorded by Chainalysis in 2022.

The level and type of illegal activity differed at designated centres. Virtually all funds flowing through Tornado Cash came from scams or hacks, while Garantex had a mix of dodgy, illegal and non-illegal addresses (primarily Russian civilians). Before Hydra’s servers were seized by German police last April, it was known as one of the most extensive darknet markets, used for everything from drug trafficking to money laundering from ransom attacks.

Transaction volume on these exchanges was directly driven by funds from crypto-hacking – which had its biggest year ever, with an estimated $3.8 billion stolen from businesses in 2022. DeFi protocols led the pack as the preferred target for hackers, accounting for 82% of all cryptocurrency stolen last year. DeFi hacks largely occurred through cross-chain bridge hacking, a process where a smart contract on one chain attempts to lock assets to create equivalent assets on a second chain. These concentrated transfers of value provide a high-reward opportunity for hackers, the digital equivalent of robbing trucks on the highway.

While cross-chain bridges present an enticing hacking opportunity, DeFi by nature is not necessarily more vulnerable to hacks than other protocols. Rather, according to cybersecurity firm Halborn, it’s a result of prioritizing growth over security.

“The DeFi community generally doesn’t demand better security – they want to go to high-return protocols. But these incentives lead to problems down the road,” says Halborn COO David Schwed. “A large protocol should have 10 to 15 people on the security team, each with a specific area of ​​expertise.”

These lax protocols have allowed professionally organized groups, such as the North Korean criminal syndicate Lazarus Group, to profit enormously from their hacking efforts. Last year, the Lazarus group broke their previous record for theft, stealing an estimated $1.7 billions value of cryptocurrency during the year. Included in these was the $80 million Qbridge hack – South Korea’s largest single hack in 2022. The hack essentially allowed North Korean hackers to create an unlimited amount of qXETH (meant to represent bridged Ethereum) without actually owning any Ethereum, and then borrow BNBBNB tokens from the exchange, based on the value of the fake qXETH.

Much of North Korea’s stolen funds were historically laundered through Tornado Cash, again demonstrating the intimate and functionally crucial relationship between illicit activities and money laundering exchanges. But as soon as Tornado Cash was sanctioned, North Korean hackers began moving their money laundering activities to Sinbad, demonstrating the cat-and-mouse game with authorities that is likely to be an inventory of crypto as new exchanges emerge to replace sanctioned ones.

The amounts stolen are not trivial. With the value of North Korea’s exports estimated at $142 billion in 2020, $1.7 billion in stolen crypto funds represents 11 times the value of all foreign money the country received from outside trade. This hideous cash is believed by experts to be used to fund the country’s nuclear weapons program, compounding the damage from stealing the funds themselves.

Cumulatively, these activities drove up cryptocrime in both absolute and relative terms – with illegal activity as a share of all cryptocurrency transactions increasing for the first time since 2019. However, it is also worth noting that despite these increases, criminal activity continues to represent a minimal activity. amount of the total crypto industry, which accounts for only 0.24% of all market activity in 2022.

While all illegal transactions are by nature designed to be hidden, the design of public ledgers on the blockchain means that wallets used for illegal activity are often out in the open. However, Chainalysis claims that these activities are only a minimum guess of the total illegal crypto activity, and total amounts are likely to be revised upwards.

Follow me on Twitter. check out my website.