RenBridge Used to Launder $540M

Cross-chain bridges have been the focus of many attacks this year. New data from blockchain analytics firm Elliptic claims that one of the cross-chain bridges, Renbridge, was used in the laundering of more than $540 million in illegitimate crypto assets.

According to Wednesday's study, RenBridge, a crypto bridge, has assisted the laundering of at least $540 million in illegal profits since 2020 using a method known as chain hopping. This involves turning one type of cryptocurrency into another and transferring it across various blockchains.

Decentralised cross-chain bridges, according to Elliptic, give "an uncontrolled alternative to exchanges for moving currency between blockchains".

Cross-chain Bridge Exploits

Cross-chain bridges, also known as blockchain bridges, are mainly utilised for lawful reasons, allowing users to exchange cryptocurrency effortlessly between blockchain networks.

Users often deposit tokens from one chain to the bridge protocol, which is locked into a contract, after which the user receives the equivalent of a parallel token in another chain.

Elliptic warns that these bridges have also been used to launder criminal earnings by ransomware gangs, exploiters, and hackers. It says RenBridge accounts for at least $540 million in laundered proceeds since 2020.

According to the firm, at least $2.4 million in crypto assets stolen during the Nomad attack on August 2 passed across the cross-chain bridge.

Elliptic also revealed that assets from decentralised finance (DeFi) services worth at least $267.2 million had been laundered through the cross-chain bridge in the past two years. It adds that a chunk of the $80 million stolen from the Liquid Global exchange last year, reportedly by North Korea, used RenBridge cross-chain platform.

So far, the Conti ransomware gang, which notoriously struck the Costa Rican government in June, has laundered more than $53 million using RenBridge.

RenBridge is also said to be popular with Russia-linked ransomware operations, with $153 million in ransomware being laundered through the site.

Tornado Cash, a decentralised mixer meant to disguise the sources of cryptocurrency, was sanctioned earlier this week by the United States Treasury department. The authority took similar action in May with the mixer Blender.io. The US Treasury noted suspected exploitation by North Korean cyber organisations in both instances.

Additional digital services, such as privacy and censorship avoidance, can be used for illegal and non-criminal objectives. However, DeFi is particularly vulnerable to theft and hacking, and finding chokepoints might benefit security experts and governments.