Crypto mixers, or tumblers, use smart contracts to hide transaction origins by blending cryptocurrencies from multiple users. These mixers, while enhancing privacy, are often exploited by hackers to launder stolen assets. Notably, North Korean hackers, including the Lazarus Group, have employed mixers alongside decentralized exchanges (DEXs) and crosschain protocols to facilitate complex laundering operations. For example, the Lazarus Group used the THORChain and various mixers to obfuscate $1.46 billion stolen from Bybit. Hackers typically utilize a three-stage laundering process: placement, layering, and integration to disguise illicit funds. They employ strategies like splitting large amounts into smaller transactions and exploiting vulnerabilities in crosschain bridges to create false deposits or manipulate validator systems. Investigators counteract these strategies using advanced tools to track and analyze crosschain transactions, identifying laundering patterns and linking addresses to potential exchanges for recovery efforts. With emerging regulatory scrutiny on mixers due to their illicit use, the balance between privacy and security in the crypto landscape remains a critical concern.

Source 🔗