Cryptocurrency Mixers and Their Use In Ransomware

Cryptocurrency Mixers and Their Use In Ransomware

Are cryptocurrencies anonymous? 

Cryptocurrencies should be both transparent and anonymous. Transparency means that everyone can check all the incoming and outgoing transactions and track the origin of every coin (thanks to the blockchain). Anonymity ensures that nobody should be able to link the money to a specific person, only to a cryptocurrency wallet. 

This works in theory, however, in the real world, there are means of linking a wallet to a specific person. Such linking can be achieved, for example, through blockchain forensics, monitoring IP addresses linked to a specific wallet, or checking cryptocurrency exchanges to see bank accounts linked to the wallet. 

Cryptocurrency Laundering 

On the cryptocurrency market, the so-called dirty coins exist, that originate from illegal business activities, like collecting ransom from ransomware victims. Naturally, the attackers do not want their coins to be linked with such illegal activity. Therefore, they use cryptocurrency mixers and tumblers to do the money laundering. 


Ransomware Advisory-Complimentary Consulting on Ransomware Attacks 

LIFARS provides complimentary consulting on Ransomware attacks to determine if a move forward decision is desired with factors consisting of whether data exfiltration occurred, determining if additional systems have been compromised and/or requests to attempt data recovery. 


Mixers and tumblers take the coins deposited by a certain user, mix them with all other coins originating from various wallets, and then transfer those mixed coins to a user-specified wallet. After this operation, the real origin of the cryptocurrency is nearly untraceable. 

Of course, for this strategy to function, there must be enough clean“ coins present, not only the dirty ones. This requirement is, in fact, easily fulfilled, because mixers are very often used for legal purposes – by common people concerned for their anonymity. 

Mixers and Law Enforcement 

Governments constantly keep on fighting questionable cryptocurrency activities. In some countries, providing mixing services is considered illegal. For example, in May 2019 one of the largest laundering services – – has been shut down by Europol in cooperation with Netherlands and Luxembourg. Some people are dissatisfied with such development because many of them use cryptocurrency mixers for legitimate purposes. 

To conclude, mixing services can have both good and evil use. They make it significantly harder to investigate the real origin of the money and freeze illegal transactions or track down ransom payments. Tumblers also present a risk for the legitimate users, who may end up with some dirty coins on their account after mixing the money.