Crypto crime hit a new all-time high in 2021, will phony addresses receiving $14 billion over the year compared to $7.8 billion stolen in 2020. However, these numbers do not tell the entire story as highlighted in the Chainalysis 2022 crypto crime report.
Crypto adoption and usage is growing quicker than ever before. Across all of the cryptos that were tracked by Chainalysis, the total transaction volume increased to $15.8 trillion in 2021, up 567% from the 2020 totals.
Given the rapid adoption rates, it is not surprising that many cybercriminals have turned to crypto. But since the increase in crypto crime transaction volumes was only 79%, an order of magnitude below the general adoption, comes as the biggest surprise.
With the growth of legal crypto usage outpacing the growth of criminal usage, crypto crime activity’s share of the crypto transaction volume has never been this low. Transactions involving illegal addresses represented only 0.15% of crypto transaction volume last year despite the value of criminal transaction volumes reaching record-high levels.
However, this figure might rise as Chainalysis identifies many other addresses linked to illegal activity and integrates their transaction activity into the historical volumes. For example, in the previous Crypto Crime Report, 0.34% of 2020’s crypto transaction volume was linked to illegal activity. The figure has now increased to 0.62%.
Notably, the annual trends indicate that apart from 2019, which was an extreme outlier year for crypto-based crime mainly as a result of the PlusToken Ponzi scheme, crime is continuously becoming a smaller and smaller part of the crypto space.
Law enforcement’s ability to fight crypto-based crime is also changing rapidly. Some of the notable examples from 2021 include the CFTC filing charges against multiple investment scams and the FBI’s takedown of the prolific Revil ransomware strain. The regulators were also involved in OFAC’s sanctioning of Suex and Chatex, two Russia-based crypto services majorly involved in money laundering.
Nevertheless, analysts need to balance the positives of the growth and legal crypto use with the understanding that $14 billion worth of crypto crime represents a major challenge. Criminal abuse of digital assets and crypto develops massive impediments for continued adoption, increases the possibility of curbs being imposed by governments. In the worst-case scenario, these criminals victimize innocent people globally.
The 2022 report explains where and how crypto crime increased, the trends amongst different types of cybercriminals, and how crypto businesses and regulators globally are responding.
Criminal Whales ‘Hodl’ More Than $25 Billion Of Digital Currency
The crypto whales are investors that have at least $1million in their private wallets. In that context, hodlers are the investors who refuse to sell their massive investments in cryptos hoping to get profits in the future.
With the crypto markets exploding, crypto holdings among cybercriminals, known as criminal balance, also spiked from $3 billion in 2020 to more than $11 billion last year. Criminals are using crypto crime strategies to steal digital currency from enterprises. They have become the biggest holders of crypto across the world, accounting for 3.7% of the total crypto whales in 2021.
Based on blockchain analytics company Chainalysis, which tracks criminal activities connected to crypto transactions, there are a staggering 4,068 crypto crime whales, about 3.7% of the crypto whales that are now holding more than $25 billion worth of crypto among them.
In the crypto world, hodling is a term used for people holding on to huge sums of cryptos hoping for future profits, and not selling them. In the Crypto Crimes Report 2022, Chainalysis stated that crypto holdings among cybercriminals, known as criminal balance, exploded to reach $11 billion in 2021.
Most of that amount was dominated by stolen funds that contributed around $9.8 billion, or 83%, of all the crypto holdings with these criminals in 2021. Based on the data offered by Chainalysis, 1,374 whales got 10-25% of their balance from illegal sources while 1,361 got 90-100% of their balance from criminal addresses.
There has been a considerable surge in crypto crimes last year, mostly stolen funds, as highlighted in the report. Illegal activities reached an all-time high, gaining almost 80% to reach $14 billion from $7.8 billion recorded in 2020.
Nonetheless, the cumulative transaction volume also surged by an incredible 567%, showing that legal transactions managed to outpace criminal involvements.
The decentralized finance (DeFi) sector, including many DeFi projects, was a haven for crypto crimes. The category recorded the highest number of criminal activities, as highlighted in The Block crypto data.
Based on the same data, the criminals stole funds by exploiting some coding flaws in non-collateralized cryptocurrency loans or flash loans. Chainalysis said that blockchain platforms assist in tracking criminals in the crypto crime space more efficiently than fiat-based crime since crypto funds can be quantified from a single public data set.
In the case of fiat crimes, criminals use a chain of foreign banks and audacious shell corporations to hide the stolen money. Chainalysis mentioned:
“But in cryptocurrency, transactions are saved on the blockchain for all to see, and this helps government agencies track the criminals and bring them to justice.”
As the crypto space gained value in 2021, so did the amount of scamming revenue.
DeFi Surge Resulted In New Crypto Crime Opportunities
Several new crypto-based crimes came up affecting transaction volumes in 2021. Two categories have stood out for their rapid growth: stolen funds and to some lesser degree, scams.
Decentralized finance (DeFi) has featured largely for both. In the case of scams, the scamming revenue surged by 82% last year to reach $7.8 billion worth of crypto stolen from victims. More than $2.8 billion of that amount, equal to the increase over 2020’s total, came as rug pulls, which is a new type of scam.
In the rug pull, scam developers create what seems to be a legitimate crypto project, which means that they do more than just set up wallets to get crypto for fraudulent investing opportunities, before taking the investors’ money and then running away.
Please note that these figures for rug pull losses represent just the value of investors’ money that was stolen and not losses from the DeFi tokens’ subsequent loss of value after a rug pull.
Nearly 90% of the total value lost to rug pulls in 2021 might be attributed to one criminal centralized exchange, Thodex, whose CEO disappeared moments after the exchange stopped users’ ability to withdraw their funds. But, nearly all of the rug pull tracked by Chainalysis in 2021 featured DeFi projects.
In almost all of these cases, the developers have tricked traders and investors into buying tokens that are linked with a DeFi project before draining all the tools provided by these investors, sending the token’s value to zero in the process.
Rug pulls are common in the DeFi sector due to the hype surrounding the space. Notably, DeFi transaction volume increased by 912% in 2021, and the huge returns on decentralized tokens like Shiba Inu have encouraged many investors to speculate on DeFi tokens.
Concurrently, it has become easy for those people with the right technical skills to develop new DeFi tokens and get them listed on crypto exchanges, even without undergoing a code audit.
By description, a code audit is a procedure by which a third-party company or listing exchange analyzes the code of the smart contract behind a new token or other DeFi project, and publicly confirms that the contract’s governance rules are ironclad. They contain no mechanisms that would enable developers to make run away with investors’ funds.
Most investors might have avoided losing funds to rug pulls in case they were stuck to DeFi projects that had undergone a code audit, or in case DEXes needed code audits before listing any tokens.
Crypto crime grew a lot more, with nearly $3.2 billion worth of crypto stolen in 2021 – a 516% surge compared to 2020. Nearly $2.2 billion of these funds, 72% of the 2021 total, were stolen from the DeFi protocols.
The growth in DeFi-related thefts shows an acceleration of a trend identified in the past year’s Crypto Crime report. In 2020, around $162 million worth of crypto was stolen from DeFi platforms, which is 31% of the year’s total amount stolen. That alone represented a 335% increase over the cumulative amount stolen from DeFi platforms in 2019.
In 2021, that figure increased by another 1,330%. Hence, as DeFi has continued with its rapid growth, so too has the issue of crypto crime.
Many of the incidents of theft from DeFi protocols can be traced back to errors present in the smart contract code that governs those protocols. Hackers exploit the flaws to steal funds that are similar to the errors that enable rug pulls to happen.
There is a growth in the use of DeFi protocols for laundering illegal funds, a practice that became prevalent in 2021.
Law Enforcement Agencies Respond
The Chainalysis report points towards positive examples of law enforcement’s growing ability to seize the crypto from the thieves and reduce the rate of crypto crime. The highlights of 2021 include:
- IRS-CI’s cumulative seizures of over $3.5 billion worth of crypto throughout 2021.
- The U.S. Department of Justice (DOJ) recovering around $2.3 million worth of cryptocurrency stolen by the DarkSide ransomware operators. These criminals were responsible for the attack on Colonial Pipeline.
- Also, London’s Metropolitan Police Service (MPS) made the United Kingdom’s biggest ever seizure of cryptocurrency. MPS took £180 million worth of crypto from a suspected money launderer.
In February 2022, the DOJ recovered $3.6 billion worth of Bitcoin connected to the 2016 hack on Bitfinex. Currently, it is the biggest ever recovery of stolen digital assets in either crypto or fiat. The report stated:
“These stories are important not only because they allow financial restitution for victims of cryptocurrency-based crime, but also because they disprove the narrative that cryptocurrency is an untraceable, un-seizable asset perfect for crime. If cybercriminals know law enforcement is capable of seizing their cryptocurrency, it may lower their incentive to use it in the future.
These cases also raise an important question: How much cryptocurrency is currently held by known criminal entities on the blockchain, and could therefore theoretically be seized by law enforcement? The answer is a function not just of cryptocurrency-based crime revenue in 2021, but of the all-time criminal revenue still held by visible addresses.”
The crypto criminals made off like bandits as digital assets gained massive popularity, according to the Chainalysis 2022 Crypto Crime report. But, regulators and authorities are striving to curb the spread of these illicit activities in the nascent industry.