A new study from Chainalysis finds that crypto crimes are proving more lucrative than ever for organized criminal gangs, but that illicit activity overall only saw a slight raise from its record low levels in 2021.
Why are thieves stealing more than ever before when overall attempts and incidents are at record lows of overall crypto activity share? Most of it appears to be tied to big players in the criminal ecosystem taking advantage of major vulnerabilities in decentralized finance (DeFi) platforms, even as international law enforcement ramps up its efforts to take down the finance infrastructure of cryptocurrency-based crime.
Crypto theft losses up even as crypto crimes are down
The activity report for 2021 saw crypto theft amounts hit an all-time peak of $18 billion, even as overall incidents and attempts went to an all-time low. That trend seems to have generally held into 2022; transaction volume soared again, this time hitting $20 billion in total, while the overall share of crypto activity associated with crime only increased slightly from the low of 2021 (0.24%, or just over half of what it was in 2020).
The overall numbers speak to crypto crimes increasingly becoming the province of fewer but bigger and better organized players. The spree of thefts that North Korea’s state-backed Lazarus group went on through much of the first half of 2022 illustrates this phenomenon. The group has ruthlessly targeted numerous holes in the security of nascent DeFi platforms, and has concocted elaborate and well-funded schemes (including fake job offers with multiple layers of social engineering) to exploit them.
It is important to note that the Chainalysis report does not include the potential implosions of crypto firms and platforms (such as FTX) as crypto crimes for its purposes. While this is certainly not an endorsement of these organizations, the methodology is based entirely on recorded on-chain transactions flowing to and from the wallets of known and proven criminal hackers and scammers. It also excludes crypto payments made for offline crimes, such as drug trafficking.
While inflows to criminal wallets increased overall, the sources of the funding shifted around somewhat. In 2021, the wallets of scammers were the clear and direct recipients of most of the proceeds of crypto crime. In 2022, most of the volume is now flowing to sanctioned exchanges (in countries such as Russia) that continue to operate. A wave of sanctions and legal actions from international governments and law enforcement began in 2021 and was thought to contribute to the strong drop in overall crypto crimes, but the sudden shift of illicit cash flow to exchanges such as Garantex speaks to these actions likely just weeding smaller players out of the market as the bigger threats continue to find ways to move and convert their stolen money.
Chainalysis also observes that the share of scams is likely down due to global financial markets taking a more bearish turn, as these sorts of crypto crimes generally drop during periods when investors are less likely to believe that huge returns are possible.
Crypto crimes increasingly a smaller overall share of activity
Though groups like Lazarus are hitting specific fertile targets for huge individual scores, overall the report finds that the share of total criminal activity in crypto movement continues to be very small. It has been under 1% outside of an all-time peak of 1.9% in 2019, and dropped tremendously to settle on a record low of 0.12% in 2021 before the very slight increase last year. Chainalysis plans to dig deeper into this trend in its 2023 Crypto Crime Report, slated for release in February.
However, as Coindesk noted in a mid-2022 study, there are numerous estimates out there that use differing methodology and sometimes come to very different conclusions. It notes a number of issues that can throw results in one direction or another. Some might tend to understate the problems, such as only using wallet addresses that have been definitively linked to crypto crimes (as the Chainalysis study does). Others have the opposite problem of being too broad in their definition of crimes and how wallets relate to them, sometimes coming up with seemingly absurd estimates of nearly half of all crypto traffic being a part of criminal activity somehow (an approach that regulators tend to prefer in pushing for changes to financial law).
Nevertheless, there are certain elements of the online world that have proven more vulnerable to crypto crimes and in need of greatly increased security attention (with DeFi being the #1 contender at the moment). And as fraudulent exchange practices are looped into these statistics, such as what appeared to be a Ponzi scheme at FTX, these numbers may be substantially revised in the near future.