Cryptocurrency laundering due to hacking activities skyrocketed in 2024, with $1.3 billion channeled through illegal methods.
On January 13, blockchain security company Peckshield reported a staggering 280% increase from the $342 million recorded in 2023. The company said its analysis focused on incidents involving hacking-related losses exceeding $1 million.
PeckShield noted that the booming market may have increased the scale of money laundering. For context, the price of Bitcoin more than doubled in 2024 from $42,000 in January to over $100,000 in December.
This market growth may have prompted these criminals to scale up their money laundering activities during the reporting period.
While blockchain’s transparency allows for more efficient tracking than traditional financial systems, it hasn’t stopped criminals from innovating. Their dependence on emerging tools and strategies shows how they adapt to avoid criticism.
Washing techniques
Peckshield noted that malicious actors relied on techniques such as chain hopping and coin mixing to obfuscate their stolen funds.
According to the company, hackers moved $452 million through chain-hopping and centralized exchanges, while $468 million moved through coin-mixing platforms.
Chain hopping involves transferring assets across multiple blockchain networks to obscure their trail. Hackers often use various personal wallets as intermediaries to make detection even more difficult.
On the other hand, coin mixing combines funds from different sources and distributes them in a way that disguises their origin.
Phishing tactics are evolving
As money laundering activity soared, Peckshield noted that losses from phishing attacks fell by more than 24% to $834.5 million in 2024, from $1.1 billion in 2023.
However, new phishing strategies have emerged, making these attacks more difficult to prevent. Sophisticated techniques such as social engineering, address poisoning and approval phishing were responsible for $600 million of the total losses.
Phishing scams often involve bad actors posing as trusted entities to steal sensitive information or wallet access. Social media platforms such as X (formerly Twitter) remain a hotspot for these schemes, where attackers post misleading comments or links to fraudulent websites.
