Cryptocriminals Laundered $540 Million Using RenBridge, Elliptic Says

A key way criminals in the crypto world launder money is by sending digital assets across blockchains, bypassing a centralized service that can track and freeze transactions.

They use so-called cross-chain bridges to make it happen, and the dollar amounts are large. A particular cross-chain bridge called RenBridge has been used to launder at least $540 million in crime-related cryptocurrencies since 2020, according to new research from blockchain analytics firm Elliptic.

Included in that amount is $153 million in ransom payments, meaning hackers use RenBridge to break into corporate networks and force companies to pay to get their data back. Elliptic says RenBridge was “a key facilitator” of gangs linked to Russian ransom money.

David Carlisle, Elliptic’s vice president of policy and regulatory affairs, said bridging with chains is “a bit of a blessing and a curse” at the moment. Like so many popular crypto tools, they help expand the market by giving people more ways to pay and trade. Cross-chain bridges are particularly important to the development of the decentralized finance, or DeFi, space, which is crypto’s alternative to the banking system.

The downside is, “they’re effectively uncontrolled, and so very vulnerable to hacks, or to being used in crimes like money laundering,” Carlisle told CNBC.

Carlisle said he expects regulators to begin zeroing in on bridges in the next six to 12 months, as governments continue to crack down on the darkest corners of the crypto world.

On Monday, the Treasury Department blacklisted crypto-mingling service Tornado Cash, alleging that the service was used to launder more than $7 billion in virtual currency since 2019. Carlisle said the action by the Treasury Department’s Office of Foreign Assets Control shows that U.S. regulators are prepared to go after criminal behavior in crypto.

“A big question is whether bridges will be subject to regulation, since they act a lot like crypto exchanges, which are already regulated,” Carlisle said.

Developers have built cross-chain bridges to allow users to send tokens from one chain to another. Transfers of digital assets between chains rely on Darknodes, or networks of thousands of pseudonymous validators. It has allowed them to become a prime tool for hiding cryptocurrencies.

RenBridge became a popular destination to do just that. Elliptic says it has been used to launder assets stemming from theft, fraud, ransomware and various other types of criminal activity.

Other cryptoassets laundered via RenBridge were likely stolen by North Korea, Elliptic said. The service was also used by the cybercrime group Conti, which recently attacked the Costa Rican government and triggered a national state of emergency. Elliptic’s research shows that Conti laundered more than $53 million through RenBridge.

“Cross-chain bridges are a loophole in the regulatory regime that has been painstakingly established by governments around the world to combat crypto-laundering,” said Tom Robinson, Elliptic’s Chief Scientist.

RenBridge is a go-to option for those looking to clean stolen cash. More than $267 million in crypto assets obtained from exchanges and DeFi services were laundered through RenBridge in the past two years, including $33.8 million from Japanese crypto exchange Liquid, according to Elliptic.

The bridges are particularly vulnerable to attack.

Blockchain cybersecurity firm CertiK previously noted that when bridges hold hundreds of millions of dollars of assets in custody and multiply their possible attack vectors by operating across two or more blockchains, they become prime targets for hackers.

Last week, a bridge known as Nomad lost nearly $200 million in a devastating exploit as a result of a failure. Within hours, the thieves started using RenBridge to launder the money. So far, $2.4 million in cryptoassets stolen from Nomad have been sent through RenBridge, according to Elliptic.

“Ransomware gangs, fraudsters and even North Korean hackers are shifting from regulated crypto exchanges to a decentralized, unregulated alternative,” Robinson said.

SEE: This crypto winter should be less severe and shorter in duration