red 
Over 11,000 Bitcoins stolen from former cryptocurrency exchange Cryptsy, worth over $512 million today, are on the move. Elliptic’s internal analysis shows that over $200 million of these funds were sent to the cryptocurrency mixing service ChipMixer.
The mass laundering operation, which began on March 29, represents the first blockchain activity by the Cryptsy hackers, whose proceeds from their July 2014 hack have otherwise remained dormant for nearly eight years.
The sudden blockchain activity comes just months after two people were arrested for trying to launder $4.5 billion from the August 2016 hack of cryptocurrency exchange Bitfinex.
What happened to Cryptsy?
Cryptsy was a cryptocurrency exchange that operated until January 2016, when it announced that it was shutting down indefinitely after operating with only a fraction of its former liquidity before the hack.
Later, in January 2022, the US Department of Justice charged Cryptsy CEO Paul Vernon with stealing $1 million from the stock market, along with “tax evasion, wire fraud, money laundering, computer fraud, tampering with records, documents and other objects, and destruction of records in a federal investigation”.
Vernon, who initially failed to disclose the theft to Cryptsy customers, denies running the Cryptsy exit scam and is believed to be living in an undisclosed location in China since then. In August 2017, Vernon was ordered to return 11,000 Bitcoins to Cryptsy customers.
Bitfinex 2.0?
The movement of funds, which appears to be the start of a major cash-out operation, resembles the ill-fated attempt by hackers of the Bitfinex exchange to cash out $4.5 billion earlier this year. You can read Elliptic’s analysis of the event, which resulted in the US seizing $3.6 billion in stolen funds, here.
The rising value of Bitcoin since the theft of Bitfinex (August 2016) and Cryptsy (July 2014) – along with continued turbulence in global markets – is likely to be a key reason for hackers to attempt cash-out operations. Since Vernon allegedly stole funds from his own exchange, the stolen bitcoin grew from $5 million to $512 million.
Using mixers is a common way for cryptocurrency users to hide their funds. They work by receiving funds from a number of sources and sending the same amounts – minus a fee – to different wallets belonging to the same users.
Elliptic’s internal analysis shows that ChipMixer, along with numerous other mixers, has been used in the past to launder proceeds from darknet markets, stolen credit card markets, and various other cryptocurrency thefts.
If you want more information on identifying specific AML/CFT risks and red flags – particularly mixers and crypto asset theft – download the Elliptic Guide “Typologies of Financial Crime in Cryptoassets: A Concise Guide for Compliance Executives”.
Crypto Crime Crypto Businesses Compliance
