In 2022, the effectiveness of using cryptocurrency mixers has doubled compared to last year. This is stated in the report of the analytical company Chainalysis.

In April, the 30-day moving average hit an all-time high of $51.8 million. According to experts, the most active users of mixers this year were cybercriminals and people under government sanctions.

“Illegal addresses account for 23% of funds sent to mixers from 12% in 2021 to 23% in 2022,” Chainalysis says.

Analysts recalled that there are many legitimate reasons for using a mixer, including trading cryptocurrencies under an oppressive government or anonymizing legitimate but confidential transactions.

“However, the core functionality of such services, combined with the fact that they rarely request KYC information, makes them attractive to cybercriminals,” the researchers added.

Mixer activities in the US are classified as money transfers under the Bank Secrecy Act. Such transactions should be recorded. FinCEN and implement an anti-money laundering program. However, Chainalysis is not aware of any mixers that are currently KYC/AML compliant.

Most of the funds received by the mixers come from centralized exchanges, protocols, and DeFi addresses associated with sanctioned countries, the darknet, and hackers such as North Korea’s Lazarus Group.

At the same time, analysts do not exclude that the popularity of such services may decrease in the future due to the ability of analytical tools to parse certain transactions and see the original source of funding.

Recall that in May, the US Treasury Department added the Blender.io cryptocurrency mixer and the associated bitcoin and Ethereum addresses to its sanctions list. According to the agency, the service helped launder funds stolen by North Korean hackers and was allegedly involved in ransomware attacks.

Blender received approximately $20.5 million of the $622 million stolen in the hacking of the Axie Infinity Ronin cross-chain bridge.

In June, cybercriminals sent $36 million in Ethereum from the Harmony Protocol Horizon bridge to the Tornado Cash mixing service. Analysts have identified several reasons that suggest North Korean Lazarus was behind the attack.

Read ForkLog bitcoin news in our Telegram – cryptocurrency news, courses and analysis.