For our recent webinar we invited a panel of experts and covered cross-chain crime and chain hopping and how criminals are using these techniques for money laundering and illicit activities involving cryptocurrencies.
Cross-chain refers to transferring assets between different blockchain networks, while chain hopping involves moving funds step-by-step across various chains.
Moderator: Head of Compliance and Regulations, Hedi Navazan @ Crystal Blockchain
Speaker: Head of Investigations, Scott Pounder @ Crystal Blockchain
Speaker: Rob Moore, Founder @ Arrowsgate, specialized in cyber security and investigation
Challenges of decentralized services
Our guest speaker, Rob Moore, Managing Partner from Arrowsgate, a cybersecurity firm from the UK, shared his experience and insights on fraudulent schemes related to coin swap services. He highlighted that criminals use chain-hopping techniques for money laundering and other illegal purposes. He emphasized that the vulnerabilities of decentralized and centralized services lay in identification and verification.
Criminals and high-risk entities often exploit decentralized services, custom bridges, and coin swap services for money laundering and other illicit crypto activities. These services are attractive to criminals because they don’t require users to open accounts or verify their identities, making them vulnerable to malicious activities.
What are Coin Swapping Services?
Decentralized services run on smart contracts and enable cross-asset swaps within the same blockchain. Cross-chain bridges, on the other hand, are decentralized services that facilitate asset swaps across different blockchain platforms. Coin swap services, mostly centralized platforms, allow anonymous exchanges between assets. The absence of identification verification makes these platforms appealing to criminals.
Tracing Cryptocurrencies using Crystal Blockchain Analytics
Rob highlighted how Crystal’s solution tracks and analyzes funds in fraudulent activities, following them to identify their destination and deanonymize crypto addresses. Centralized exchanges with Know Your Customer (KYC) policies are often targeted and used to cash out or cross-chain swap funds.
However, without disclosure from the exchange, the exact actions taken by the perpetrators remain unknown until data are obtained, and further analysis can be conducted. Using Crystal, funds can be tracked relatively quickly unless hidden behind private addresses.
Using blockchain analytics tools for court reports
Rob pointed out that analyzing where the funds end up is usually the fastest part while writing up the findings and preparing them for court is a more time-consuming task.
Ensuring the report is clear and understandable by lawyers and judges is crucial. Criminals are increasingly leveraging cross-asset, cross-chain transactions to obfuscate their illicit activities.
Blockchain analytics tools like Crystal are designed to trace such activities.
However, not all tools can demonstrate chain hopping. Access to a blockchain data analytics tool is necessary for manual work to track and analyze these transactions. Using blockchain analytics tools like Crystal to track funds, identify illicit activities, and prepare evidence for legal proceedings is valuable to understand complex multichain activities.
The role of multichain visualizations in tracking illicit activity
The complexity of the crypto ecosystem arises from the various blockchain networks, each with its own protocols, structures, and transaction formats. Tracking transactions across multiple chains requires a deep understanding of these intricacies and the ability to navigate through different blockchain explorers and APIs.
Many blockchain networks operate independently, making it challenging to seamlessly connect and trace transactions across different chains. Unique addressing schemes and transaction formats further complicate the manual mapping and correlation of addresses and transactions across chains. With the increasing number of transactions, this process becomes even more time-consuming.
Privacy is another hurdle.
Specific blockchain networks, particularly privacy-centric cryptocurrencies, have enhanced privacy features that can obscure transaction details. This aspect makes it difficult to trace funds manually, adding another layer of complexity.
In addition to the above challenges, the manual tracking process requires significant time and resources. Even for a simple payment, it could take weeks to track its whereabouts manually. Human error and other potential issues further contribute to the uncertainty of obtaining accurate results.
Crystal’s Head of Investigations, Scott Pounder, stressed that law enforcement has relied on manual tools due to limited options and access to blockchain-specific tools in the past. However, the process has become easier with the emergence of blockchain analytics tools like Crystal. These tools provide visualizations and other features that facilitate the tracking and analysis of transactions.
Atomic Wallet hack explained
Moreover, Scott explained multichain visualization, specifically in the case of the Atomic Wallet hack, which suffered over $100 million in cryptocurrency losses.
Scott shared a visualization of the different chains involved in the case, including Ethereum Classic, Litecoin, Bitcoin, VMB, Tron, USD C, and USD T.
The benefit of multichain visualization is demonstrated by showing how all the different currencies ultimately flow into one exchange.
Licensed exchanges are expected to perform KYC, making them potential targets for legal inquiries. The analysis focuses primarily on tracking where the money has been sent rather than its origin.
A complete overview of the transactions and activities can be obtained using Crystal. The investigation involves selecting specific blockchains, such as Bitcoin or Bitcoin Cash, to examine and analyze the associated transactions, received amounts, sent amounts, and current balances.
The shortest paths and connections to other entities, primarily exchanges, are explored to understand the movement of funds. Each blockchain, including Ethereum, Ethereum Classic, Litecoin, and Tron, is examined similarly, identifying notable transactions and destinations. The visualization also demonstrates the flow of funds across different currencies and highlights exchanges where legal requests or inquiries can be made.
The visualization presented by Scott demonstrates the funds being converted to different tokens and bridged across various blockchains.
Tracking these funds across different tokens and blockchains can be a time-consuming and challenging manual process, sometimes proving to be unsuccessful or impractical without the assistance of advanced algorithms. The hack of Atomic Wallet raises broader topics related to cybersecurity, wallet security, and the tactics employed by hackers, particularly in this case, which is believed to be linked to the North Korean hacking group Lazarus.
Presenting reliable and tracible data
Our webinar also touched on romance scams and the emotional difficulties of informing victims that their online relationships were part of a scam and the subsequent challenges in convincing them that further payments will not unlock their funds. Sometimes we even see a double scam scenario, where fraudsters pose as asset recovery firms or law enforcement to extort more money from victims. Educating judges and the judiciary system about crypto-related crimes is essential, as they may need to gain the necessary knowledge or understanding of the technology. Simplifying complex concepts through visualizations and avoiding excessive technical jargon are recommended when presenting evidence to non-technical audiences such as judges and juries. While challenges in providing evidence have been manageable thus far, we need to ensure that the presented data is reliable and tracible to the source.
Cross Border Collaboration
Our experts agreed on the importance of cross-border collaboration among supervisory and law enforcement agencies in implementing regulations and combating illicit activities. Our Head of Compliance and Regulatory Affairs, Hedi Navazan pointed out the difficulties involved in exchanging intelligence and coordinating efforts across different countries, citing the example of shutting down the Hydra market, which required extensive cross-border collaboration over several years. The collaboration between the private and public sectors and harmonizing efforts across borders is essential.
We addressed the issue of law enforcement agencies refusing to cooperate or review analyzed data, and we shared an example where obtaining information from an exchange located in a different country proved challenging due to the need for mutual collaboration between cross-border agencies. Similar cases are mentioned where local police or law enforcement lacked knowledge, training, or resources to take appropriate action, resulting in missed opportunities to address criminal activities. The need for better training and allocation of resources is crucial to ensure effective collaboration and investigation.
The future of crypto investigations
Our recent webinar shed light on cross-chain crime and chain-hopping techniques criminals use for money laundering and illicit activities involving cryptocurrencies.
The complexity of the crypto ecosystem, with its various blockchain networks and transaction formats, poses significant challenges for tracking and tracing funds across multiple chains. Manual processes are time-consuming, prone to human error, and often yield uncertain results.
As the crypto landscape evolves, it is essential to stay informed about the techniques used by criminals, leverage advanced tools for analysis, and foster international cooperation to combat crypto-related crimes effectively.
To discover how Crystal can transform your approach to investigations, book a demo to see our solution for yourself.
