More than half a billion dollars have been laundered in crypto assets originating from theft, fraud, ransomware and various other types of criminal activity since 2020, a new report has revealed.

The report by Blockchain analysis group Elliptic said one cross-chain bridge in particular — RenBridge — has been used to launder at least $540 million in crypto assets by hackers and fraudsters.

Cross-chain bridges allow crypto assets to be transferred between blockchains, without going through a centralized service such as a crypto exchange.

Billions of dollars in assets have been transferred between Bitcoin, Ethereum, and other blockchains — using bridge services such as Portal, cBridge, and Synapse.

“RenBridge has become particularly popular with those seeking to launder the proceeds of theft,” the report mentioned.

Crypto assets stolen from exchanges and decentralized finance (DeFi) services worth at least $267.2 million have been laundered through RenBridge over the past two years.

This includes $33.8 million stolen from the Japanese crypto exchange Liquid in August 2021. In total, $97 million was stolen from Liquid, in an attack that has been linked to North Korea, said the report.

Buy Me a Coffee

Sometimes, these stolen funds come from other cross-chain bridges.

“Just days ago, $156 million was stolen from the Nomad bridge, following the discovery of a bug that was exploited by numerous individuals,” said the team.

Hours later, some of the thieves were sending the stolen funds through RenBridge.

So far, $2.4 million in crypto assets stolen from Nomad have been sent through RenBridge.

READ
RomCom Cybercrime Group Exploits Zero-Day Chain to Target Firefox and Tor Users

“RenBridge is also an important facilitator for Russia-linked ransomware gangs, with over $153 million in ransom payments laundered through the service to date,” the report noted.

Blockchain bridges such as RenBridge pose a challenge to regulators since there is no central service provider that facilitates these cross-chain transactions.

Instead, transactions are processed by a network of thousands of pseudonymous validators known as “Darknodes”.