Crypto Trading Platform RenBridge Used to Launder Millions, Has Ties to Nomad Hack

Currently, crypto is a growing breeding ground for crime. From numerous hacks and stolen NFTs, it seems that criminals have discovered an easy way in — through the blockchain. But this time, a crime was committed to cover another. RenBridge has become another bridge of sorts, one that criminals use to launder money.

RenBridge is a cross-chain bridge that allows people to send online assets and crypto to other blockchains. The words "crypto bridges" and "hacks" seem to find themselves in the same sentence more often now. Nomad, another bridge company, lost $200 million in crypto after hackers were able to find a weak spot in the company's system.

While RenBridge itself wasn't stolen from, criminals used the company to steal from others catalyzing conversations on crypto bridge crackdowns.

A blockchain firm called Elliptic reported from its research that RenBridge has laundered approximately $540 million in stolen funds. Elliptic also believes the source of these crimes is located in North Korea. It hasn't been confirmed yet whether or not the hackers are part of a North Korean hacking group but Ellipitc's suspicions are high.

RenBridge appears to be a hotbed for crypto laundering. Elliptic says $267.2 million has been laundered through RenBridge in the last two years alone.

The $267.2 million figure also includes $33.8 million that was stolen in 2021 from Liquid, a crypto exchange. The attack on Liquid is also believed to be linked to hackers in North Korea. There are six major categories for crimes related to crypto that was laundered through RenBridge, including:

1. Credit card theft: 0.5 percent
2. Ransomeware: 28.4 percent
3. Ponzi: 9.0 percent
4. Darknet: 2.1 percent
5. Theft: 49.2 percent
6. Other: 10.8 percent

RenBridge's link to laundering also points to Russian ransomware groups. Some of these criminals use RenBridge to launder payments hackers received from companies in exchange for the release of their hacked data. To date, $153 million in ransom payments have been laundered through RenBridge. A cyber group recently attacked the Costa Rican government through RenBridge by laundering $53 million, which triggered a national emergency in the country.

Hackers can complete these transactions because, similar to the vulnerability in Nomad's system, there was one in RenBridge's system, specifically, darknodes. Darknodes aren't a weak spot in how RenBridge works, but a blindspot in how transactions are tracked and flagged.

Elliptic says that, due to the absence of central service facilitators for transactions, the transactions can go through "pseudonymous validators" such as the darknodes that allow criminals to bypass tracing.

David Carlisle, V.P. of policy and regulatory affairs for Elliptic, tells CNBC News that crypto bridges like Nomad and RenBridge are "a bit of a blessing and a curse. They're effectively ungoverned, and so very vulnerable to hacks or to be used in crimes like money laundering."

Carlisle also posed a question about regulation for these bridges. Carlisle said, "One major question is whether bridges will become subject to regulation since they act a lot like crypto exchanges, which are already regulated." Elliptic's chief scientist, Tom Robinson, echoed Carlisle's statement adding that bridges function as a loophole in regulatory measures that authorities have tried to establish.

CNBC News also reported that RenBridge functions as an "open protocol" and therefore doesn't operate under the guidance of a CEO. However, RenBridge support has been contacted. RenBridge is a subset of Ren and was created by software developers Taiyang Zhang and Loong Wang in 2017, according to Kraken.

According to CNBC, after Nomad lost $200 million in crypto, criminals tiptoed to RenBridge hours later. When the money was secured, criminals later used RenBridge to launder the money. As it stands, nearly $2.4 million of the cryptocurrency stolen from Nomad has been laundered through RenBridge.