Cyber-criminals are finding new ways to hide the origins of their ill-gotten gains by diverting them to crypto mining pools, a recent report by Chainalysis has revealed.
Mining pools, which allow miners to combine their computing power, are being utilized by malicious actors as a way to mix and obscure the source of their funds. This tactic essentially creates a smokescreen, making it look like the funds are generated through legitimate mining activities rather than through criminal means like ransomware attacks.
According to Chainalysis, there has been a noticeable increase in the amount of money flowing from ransomware wallets to mining pools since 2018. In fact, tens of millions of dollars’ worth of cryptocurrency have been funneled from ransomware addresses to these pools every quarter over the past year.
The report also highlights a concerning trend where funds from ransomware wallets are being sent to exchange deposit addresses that receive significant amounts from mining pools. This suggests that cyber-criminals are attempting to pass off their illicit funds as legitimate mining proceeds.
Not only ransomware actors but also crypto scammers are using mining pools as a means to launder their funds, further complicating the issue of tracing the origins of these transactions.
Chainalysis proposes a solution to this problem by calling for stricter screening measures by mining pools and hashing services. By rejecting transactions from addresses associated with criminal activity, these platforms can help prevent the laundering of funds through mining pools. Additionally, exchanges are urged to exercise caution when receiving funds from wallets with ties to mining pools, utilizing tools like “know your transaction” to better understand the source of these funds.
Overall, the report underscores the importance of collaboration between industry stakeholders to combat the misuse of mining pools for illicit activities. By implementing stricter protocols and enhanced due diligence, the crypto community can work together to prevent cyber-criminals from exploiting these platforms for their own gain.