At least 4,836 Bitcoin (BTC) of stolen from Binance exchange in May 2019 was laundered through crypto mixing service Chipmixer.
Attackers started laundering the stolen funds in a month after the hack
Following a major Binance’s security breach that resulted in a loss of 7,000 BTC (more than $80 million at press time), hackers started to launder the stolen funds on June 12, 2019, according to research published by Luxembourg-based crypto capital flow firm Clain.
As Clain noted in the study, it was pretty straightforward to trace the subsequent steps of the attackers as it is “practically impossible to launder big volume of coins in a relatively short period of time.” As such, the researchers managed to detect the initial pool of hacker’s addresses, while further extraction of those addresses allowed them to recognise subsequent alteration to ownership of stolen funds by using a neural network, the report says.
Hackers caused highest historic inflows on crypto tumbler Chipmixer
As Chain discovered, the funds stolen from Binance were directed to crypto tumbler Chipmixer, which reportedly experienced a historical high of fund inflows. Clain added that the abnormally high volume allows one to assume that any outflow coming from Chipmixer these days is likely related to the same owner.
ChipMixer Capital Flow | Source: Clain
The research team estimated that the total amount of funds located in merged fund clusters accounted for more than 5,300 BTC. Alongside that amount, 183 BTC were identified as hacker funds after attempted laundering, while another 814 BTC are likely to be confirmed as hacker funds, pending confirmation once those funds start moving.
Clain concluded that the attackers are actively trying to break up the direct relationship with the illegal sources by using Chipmixer, while there is no evidence to suggest that the hackers have transferred money to exchanges.
As previously reported, a crypto mixing service, or a crypto tumbler, is an anonymity tool that claims to transform transactions of non-private coins to private ones by mixing crypto funds with others, which makes it difficult to trace the funds’ original source. In mid-May, Europol shut down Bestmixer.io, one of the three largest crypto tumblers, in a joint investigation with Dutch and Luxembourg authorities, as the authorities found that a large number of mixed coins came from criminal activity and were allegedly used for money laundering.
After Binance was hacked on May 7, the proceedings were reportedly moved to seven addresses, as reported by Cointelegraph on May 9. Yesterday, Binance’s CEO Changpeng Zhao reacted to rumors circulating about the alleged Know-Your-Customer data leak on the exchange, claiming that those are an attempt to spread FUD.