Cyber Crime
An In-Depth Look at Crypto-Crime in 2023 Part 1
Cybersecurity is a growing concern in today's digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals and businesses.
What is crypto-crime?
Cryptocrime refers to any criminal activity involving the use of cryptocurrency. This can include theft, fraud, money laundering, and other illicit activities. Cryptocurrencies, such as Bitcoin and Ethereum, operate on decentralized networks and are not issued or controlled by any central authority. This makes them an attractive target for criminals due to their anonymity and lack of regulation.
Chainalysis's 2024 Crypto Crime Report details the different types of crypto-crimes and their impact on the industry. In this article, we will discuss some of the report's key findings and how crypto-crime is evolving in 2023.
2023 in crypto-crime
In 2023, the value of cryptocurrency transactions received by illicit addresses dropped significantly to $24.2 billion. However, this figure is a lower-bound estimate and will likely increase as more illicit addresses are identified. For example, 2022's estimated illegal volume of transactions increased from $20.6 billion to $39.6 billion due to the identification of new illicit addresses and sanctioned services.
A significant factor in the revised 2022 total was the inclusion of $8.7 billion in creditor claims against FTX following the fraud conviction of its former CEO. This is an exception to the usual on-chain methodology used to measure illicit activity since it's challenging to isolate fraudulent on-chain movements of user funds for FTX.
The 2023 figures also exclude transactions from non-crypto native crimes, such as drug trafficking, due to the difficulty distinguishing these from legitimate transactions on-chain. However, law enforcement can investigate these flows in an off-chain context using tools like Chainalysis solutions.
How big was crypto crime in 2023?
Over the past two years, stablecoins have overtaken Bitcoin as the preferred cryptocurrency for cybercriminals, accounting for most illicit transaction volumes. This shift parallels the increasing share of stablecoins in overall cryptocurrency activity, including legitimate transactions. However, Bitcoin remains dominant in certain crypto crimes, such as darknet market sales and ransomware extortion.
The most significant forms of crypto crime by transaction volume, such as scamming and transactions involving sanctioned entities, have largely moved to stablecoins. Entities in sanctioned jurisdictions or those involved in terrorism financing prefer stablecoins for their stability and ease of access compared to traditional U.S. dollar routes. Nonetheless, stablecoin issuers can intervene, as exemplified by Tether freezing addresses linked to terrorism and warfare in Israel and Ukraine.
Key trends
Here are three key trends that emerged in crypto crime in 2023:
Scamming and stolen funds were down
In 2023, crypto scamming and hacking revenues dropped significantly, with illicit revenue from scamming down 29.2% and hacking down 54.3%. Scammers have increasingly adopted romance scam tactics, targeting individuals rather than using widespread advertising, making these scams harder to detect. Despite increased reports of crypto investment scams in the U.S. through 2022, global on-chain metrics show a downward trend in scamming revenues since 2021, likely due to the market dynamics favoring scams when the market is up.
Crypto hacking is harder to conceal as unusual outflows from services or protocols are quickly noticed. The decline in stolen funds is mainly due to a significant reduction in DeFi hacking, potentially indicating improved security practices within DeFi protocols. However, outliers influence metrics on stolen funds, and a single large hack could change the trend.
Increased ransomware and darknet market activity
In 2023, revenues from ransomware and darknet markets increased, contrasting with the overall trend of declining crypto crime. Ransomware revenue rose after significantly declining the previous year, suggesting attackers have adapted to improved cybersecurity measures. Similarly, darknet market revenue grew after a drop in 2022, which was primarily due to the shutdown of Hydra, the dominant market that once captured over 90% of darknet revenue. Despite no single market replacing Hydra, the overall sector is rebounding, with revenues approaching their 2021 highs.
Transactions with sanctioned entities drive most illicit activity
In 2023, sanctions-related transactions were a prominent trend in illicit cryptocurrency activity, accounting for $14.9 billion or 61.5% of all illicit transaction volume. This was primarily driven by cryptocurrency services sanctioned by the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) or in sanctioned jurisdictions, which continue operating due to the lack of local enforcement of U.S. sanctions.
A significant portion of this volume involves average crypto users in these jurisdictions. For instance, Russia-based exchange Garantex, sanctioned by OFAC and the U.K.'s OFSI for facilitating money laundering and ransomware activities, significantly contributed to this volume. Although not all of Garantex’s transactions are linked to illicit activities, its operations pose a sanctions risk for crypto platforms under U.S. or U.K. jurisdiction, necessitating vigilant screening for compliance.
Final thoughts
As cryptocurrency continues to gain mainstream adoption and interest, the trend of declining crypto crime is a positive development. However, illicit transactions with sanctioned entities still drive a significant portion of this activity.
In Part 2, we explore the specific types of illicit activity and trends in cryptocurrency crime. By understanding these factors and taking proactive measures, we can continue to foster a safer and more secure crypto ecosystem for all users.
This article is based on Chainalysis's report, `The 2024 Crypto Crime Report`, and has extracted the key points by Trend Micro from a cybercrime perspective. For more details, please refer to the full report.