An international law enforcement operation has seized the 'ChipMixer' cryptocurrency mixing service which is said to be used by hackers, ransomware gangs and scammers to launder their profits.
The operation was carried out by Europol in coordination with German (BKA) and US (FBI) law enforcement, which allowed police to seize four servers, 7TB of data and $46.5 million in cryptocurrency (Bitcoin). .
This operation makes it the largest seizure of cryptocurrency assets by BKA to date.
ChipMixer has been one of the largest cryptocurrency mixing platforms operating on the dark web since 2017, allowing users to convert their money into untraceable "chips", which are then cashed out at "clean" cryptocurrency addresses that they can be converted into FIAT money.
As the police seized the infrastructure, including the Tor dark web servers from the operation, visitors to the platform will now see a seizure banner from Germany's Federal Criminal Police Office, Bundeskriminalamt (BKA).
Source: Bleeping Computer
Cryptocurrency mixing platforms, also known as "tumblers", take digital assets from users and add them to a massive pool of cryptocurrencies that contain other people's coins.
These coins are then โblendedโ by mixing the cryptocurrency between many new wallet addresses, increasing the privacy and anonymity of cryptocurrency holders and transactions. For this activity, the blending service charges a fee, which can be a flat fee or a percentage of the blended amount.
While there are legitimate use cases for such services, they are predominantly used by cybercriminals searching evade identification and prosecutionand this was much the case with ChipMixer too.
โInvestigation into the criminal service suggests that the platform may have facilitated the laundering of 152,000 Bitcoins (worth approximately โฌ2.73 billion according to current estimates) in crypto assets,โ the post read. Europol Announcement.
"A large part of this is connected to dark web markets, ransomware groups, trafficking in illicit goods, acquisition of child sexual exploitation material, and stolen crypto assets."
Authorities found more links to illegal activities on the ChipMixer service that emerged from examining the seized infrastructure of the Hydra dark web marketplace than German police confiscated in April 2022.
Ransomware groups that have confirmed using ChipMixer to launder their ransoms include LockBit, Zeppelin, SunCrypt, Mamba, and Dharma.
Additionally, there are indications that ChipMixer helped launder stolen assets from a large cryptocurrency exchange following its bankruptcy last year. However, authorities are still investigating on that front.
In a post published today, the BKA also mentions that the main operator of ChipMixer has been identified, and the FBI is already on a manhunt to bring him to justice.
In addition, a reward is now offered through the US Department of Justice's "Rewards for Justice" program.
Update 3/15 - The US Department of Justice has released an announcement regarding the seizure of ChipMixer and also announced the indictment of a person believed to be the creator and operator of the platform.
"Minh Quแปc Nguyแป n, 49, of Hanoi, Vietnam, was charged today in Philadelphia with money laundering, operating an unlicensed money transmission business, and identity theft, related to the operation of ChipMixer," the Department announced. US Justice in a statement. Press release.
"Nguyแป n created and operated the online infrastructure used by ChipMixer and promoted ChipMixer's services online."
"Nguyแป n registered domain names, purchased hosting services, and paid for the services used to run ChipMixer through the use of anonymous, pseudonymous, and identity theft email providers."
