Europol, US and Germany make €46m ChipMixer bust

The U.S., Germany and Europol have taken down the infrastructure behind ChipMixer, a platform commonly used by darknet criminals to launder cryptos.

Europol, working closely with German and U.S. authorities, has brought down ChipMixer’s infrastructure over alleged involvement in money laundering.

Authorities recover 1909.4 BTC 

National authorities took down four ChipMixer servers, about 7 TB of data, and 1909.4 BTC in 55 transactions, worth about $46 million.

ChipMixer has been around since mid-2017. It allegedly blocked blockchain trails of funds, hence attracting money laundering demand from people involved in weapons trafficking, drug trafficking, credit card fraud, and ransomware attacks, among others forms of illegal activity.

The platform allowed users to deposit funds, which become “chips”, which would get mixed on the platform. Hence, all trails become anonymous, so their origin is untraceable. 

The authorities’ investigation uncovered that the platform may have seen over 152,000 bitcoins (€2.73 billion) laundered in crypto assets. Most funds originated as funds from ransomware groups, trafficking groups, crypto hackers, darkweb markets, and sexual exploitation operations. 

Authorities are also looking into the possibility of crypto assets stolen from a large crypto exchange’s bankruptcy, FTX, laundered through ChipMixer. ChipMixer’s website now shows Germany’s Federal Criminal Police Office Bundeskriminalamt (BKA) seizure banner.

Ample collaboration to take down ChipMixer

ChipMixer has been on the government’s radar due to its alleged connections with the criminal laundering of crypto assets.

The Hydra Market darkweb platform takedown in April 2022 uncovered several transactions in millions of euros linked to the mixer. In addition, ransomware actors such as Mamba, Dharma, Lockbot, and Zeppelin, among others, have used the platform to launder payments they receive. 

Europol has spearheaded the information exchange between Belgium, Poland, USA, Switzerland, and German authorities.

The law enforcement cooperation has also provided analytical support to link the available data to criminal cases both in the E.U. and outside through crypto tracing, forensic analysis, and operational analysis.

Notably, the Joint Cybercrime Action Taskforce(J-CAT) at Europol, consisting of cybercrime liaison officers from different countries, was also part of the operation.

Meanwhile, another mixer, the Tornado Cash mixer, received sanctions last year. The U.S. Treasury Department’s Office of Foreign Asset Control mentioned the platform facilitated North Korean money laundering operations.