red 
- Decentralized cross-bridges are an unregulated alternative to exchanges for transferring value between blockchains.
- One such bridge – the RenBridge – has facilitated the laundering of at least $540 million in the proceeds of crime.
- This includes over $153 million in ransomware revenue, along with cryptoassets believed to have been stolen by North Korea.
- More than $2.4 million since the August 1 Nomad hack has already been laundered through RenBridge.
Cross-chain bridges allow the transfer of cryptoassets between blockchains, without going through a centralized service such as an exchange. Billions of dollars in assets have been transferred between Bitcoin, Ethereum and other blockchains – using bridge services such as Portal, cBridge and Synapse.
In addition to being a legitimate tool, cross-bridges have also emerged as key facilitators of money laundering. The movement of the proceeds of crime between blockchains – sometimes called “chain-hopping” – has long been used as a means of avoiding tracking, usually achieved by exchanging assets via a cryptoasset exchange that can be used anonymously.
However, these exchanges are now heavily regulated in most jurisdictions and are required to identify their customers and provide information to law enforcement investigators. Decentralized cross-bridges provide unregulated alternatives embraced by cybercriminals.
Our analysis of cross-transactions using Elliptic’s new Nexus technology shows that one cross-bridge in particular – RenBridge – has been used to launder at least $540 million in crypto assets originating from theft, fraud, ransomware and various other types of criminal activity since 2020.
.png?width=595&height=407&name=renbridge_blog_graph_area%20(1).png)
RenBridge has become particularly popular among those seeking to launder the proceeds of theft. Cryptoassets stolen from exchanges and decentralized finance (DeFi) services worth at least $267.2 million have been laundered through RenBridge over the past two years. This includes $33.8 million stolen from Japanese crypto exchange Liquid in August 2021. A total of $97 million was stolen from Liquid, in an attack linked to North Korea.
.png?width=595&height=335&name=renbridge_blog_graph_pie%20(1).png)
Sometimes these stolen funds come from other cross bridges. Just a few days ago, $156 million was stolen from Nomad Bridge, following the discovery of a bug that was exploited by numerous individuals. A few hours later, some of the thieves were sending the stolen funds through RenBridge. So far, $2.4 million worth of cryptoassets stolen from Nomad have been sent through RenBridge.
RenBridge is also an important facilitator for Russia-linked ransomware gangs, with over $153 million in ransom payments to date laundered through the service.
Cybercrime group Conti – which recently attacked the Costa Rican government and launched a national state of emergency – laundered over $53 million through RenBridge. Meanwhile, Ryuk has carried out ransomware attacks on hundreds of hospitals and schools over the past four years and has laundered over $92 million to date, with transfers still ongoing.
Blockchain bridges like RenBridge pose a challenge to regulators, as there is no central service provider to facilitate these cross-transactions. Instead, transactions are processed by a network of thousands of pseudonymous validators known as “Darknodes”. The Financial Action Task Force (FATF) recently called money laundering through “chain hopping” in its latest report on the risks of virtual assets, but it remains to be seen how this type of activity could be regulated.
However, the transparency of decentralized systems can still be used to track transactions across cross-chain bridges. Elliptic’s unique Holistic Screening capability – launched today – enables the tracking of criminal proceeds, even as they move between blockchains through services like RenBridge. Holistic Screening is powered by Nexus, Elliptic’s new blockchain analysis engine, which enables complex, manual cross-chain research to be replaced with API calls and automated risk assessment – leading to greater efficiency within compliance teams.
For more insights into cross-chain crime and how to manage risk, visit our dedicated Holistic Screening page, where you can also register for our upcoming webinars: Managing Risk in a Cross-Chain World.
Learn more about holistic screening
This is an extract from our new research report ‘The State of Inter-Chain Crime 2022’, which will be published next month. Sign up now to get your free copy as soon as it’s released.
