According to blockchain research firm Elliptic, hackers, fraudsters, and others have laundered at least $540 million using the cryptocurrency bridge network RenBridge since 2020. The analysis was issued today by Elliptic researchers, who used RenBridge as an illustration of the hazards of decentralized cross-chain networks.
RenBridge is marketed as a simple solution to transfer virtual currencies such as ZCash and Bitcoin to the Ethereum network and subsequently to other blockchains. However, “as well as being a lawful tool, cross-chain bridges have emerged as a crucial facilitator of money laundering,” allowing users to bypass rules and quickly shift money between networks, according to the paper. This includes earnings from ransomware activities as well as theft from other chains.
Although cryptocurrency is not as untraceable as some users believe, it is still feasible to conceal the source of payments using specialized services, particularly decentralized ones like Elliptic. Regulators have begun to take note. Tornado Cash, a decentralized mixer meant to disguise the origins of cryptocurrency, was sanctioned earlier this week by the US Department of Treasury. In May, it made a similar step with the mixer Blender.io. In each of those instances, the government cited the purported usage of the services by North Korean hacking organizations.
According to Elliptic, RenBridge was used to launder money stolen from Japan’s Liquid crypto network, a theft connected to North Korea. RenBridge is also said to be popular with Russia-linked ransomware operations, with $153 million in ransomware being laundered via the site.
Many additional digital services, such as privacy and censorship avoidance, may be utilized for both illegal and noncriminal objectives. However, decentralized finance, or DeFi, is especially vulnerable to theft and hacking, and finding chokepoints might be beneficial to both security experts and governments.
