Crypto Trading Platform RenBridge Used to Launder Millions, Has Ties to Nomad Hack

Hackers are realizing they can launder their ill-gotten gains through RenBridge and have been doing just that. Here's how they pulled it off.

Robin Hill-Gray - Author

Aug. 10 2022, Published 1:26 p.m. ET

Bitcoin and cash
Source: Unsplash

Bitcoins rest atop stack of $100 bills

Currently, crypto is a growing breeding ground for crime. From numerous hacks and stolen NFTs, it seems that criminals have discovered an easy way in — through the blockchain. But this time, a crime was committed to cover another. RenBridge has become another bridge of sorts, one that criminals use to launder money.

Article continues below advertisement
Article continues below advertisement

RenBridge is a cross-chain bridge that allows people to send online assets and crypto to other blockchains. The words "crypto bridges" and "hacks" seem to find themselves in the same sentence more often now. Nomad, another bridge company, lost $200 million in crypto after hackers were able to find a weak spot in the company's system.

While RenBridge itself wasn't stolen from, criminals used the company to steal from others catalyzing conversations on crypto bridge crackdowns.

andre francois mckenzie igyibhdntpe unsplash
Article continues below advertisement

Renbridge is a go-to for crypto criminals to launder their illicit funds.

A blockchain firm called Elliptic reported from its research that RenBridge has laundered approximately $540 million in stolen funds. Elliptic also believes the source of these crimes is located in North Korea. It hasn't been confirmed yet whether or not the hackers are part of a North Korean hacking group but Ellipitc's suspicions are high.

RenBridge appears to be a hotbed for crypto laundering. Elliptic says $267.2 million has been laundered through RenBridge in the last two years alone.

The $267.2 million figure also includes $33.8 million that was stolen in 2021 from Liquid, a crypto exchange. The attack on Liquid is also believed to be linked to hackers in North Korea. There are six major categories for crimes related to crypto that was laundered through RenBridge, including:

  1. Credit card theft: 0.5 percent
  2. Ransomeware: 28.4 percent
  3. Ponzi: 9.0 percent
  4. Darknet: 2.1 percent
  5. Theft: 49.2 percent
  6. Other: 10.8 percent
Article continues below advertisement
Article continues below advertisement

RenBridge's link to laundering also points to Russian ransomware groups. Some of these criminals use RenBridge to launder payments hackers received from companies in exchange for the release of their hacked data. To date, $153 million in ransom payments have been laundered through RenBridge. A cyber group recently attacked the Costa Rican government through RenBridge by laundering $53 million, which triggered a national emergency in the country.

Hackers can complete these transactions because, similar to the vulnerability in Nomad's system, there was one in RenBridge's system, specifically, darknodes. Darknodes aren't a weak spot in how RenBridge works, but a blindspot in how transactions are tracked and flagged.

Elliptic says that, due to the absence of central service facilitators for transactions, the transactions can go through "pseudonymous validators" such as the darknodes that allow criminals to bypass tracing.

Article continues below advertisement
Article continues below advertisement

David Carlisle, V.P. of policy and regulatory affairs for Elliptic, tells CNBC News that crypto bridges like Nomad and RenBridge are "a bit of a blessing and a curse. They're effectively ungoverned, and so very vulnerable to hacks or to be used in crimes like money laundering."

Article continues below advertisement

Carlisle also posed a question about regulation for these bridges. Carlisle said, "One major question is whether bridges will become subject to regulation since they act a lot like crypto exchanges, which are already regulated." Elliptic's chief scientist, Tom Robinson, echoed Carlisle's statement adding that bridges function as a loophole in regulatory measures that authorities have tried to establish.

CNBC News also reported that RenBridge functions as an "open protocol" and therefore doesn't operate under the guidance of a CEO. However, RenBridge support has been contacted. RenBridge is a subset of Ren and was created by software developers Taiyang Zhang and Loong Wang in 2017, according to Kraken.

Article continues below advertisement
Article continues below advertisement

RenBridge and Nomad are connected

According to CNBC, after Nomad lost $200 million in crypto, criminals tiptoed to RenBridge hours later. When the money was secured, criminals later used RenBridge to launder the money. As it stands, nearly $2.4 million of the cryptocurrency stolen from Nomad has been laundered through RenBridge.


Latest Cryptocurrency & Blockchain News and Updates

    Opt-out of personalized ads

    © Copyright 2024 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.