Russia, Iran and North Korea expanded their use of stablecoins, hacked funds and state-linked exchanges to move more than $100 billion onchain to evade international sanctions.
When airstrikes hit Iran on Feb. 28, crypto outflows from Nobitex spiked 873%, suggesting a "digital bank run" was ongoing. The reality may be more complex.
Chainalysis says Iranian bitcoin withdrawals surge ahead of unrest, a reoccuring crisis-response within its $7.8 billion crypto ecosystem.
Blockchain analytics firm Chainalysis has released a new report highlighting a sharp escalation in crypto-based money laundering, warning that Chinese-language money laundering networks are emerging as one of the most serious and rapidly growing threats in the digital asset ecosystem. The Rise of Chinese‑Language Networks In Crypto Crime According to the report, illicit on‑chain money laundering activity has expanded dramatically over the past five years. In 2020, crypto-related laundering was estimated to be around $10 billion. By 2025, that figure had climbed to more than $82 billion. A key driver behind this growth has been the rapid rise of Chinese‑language money laundering networks, often referred to as CMLNs. In 2025, these networks accounted for roughly 20% of all identified illicit crypto laundering activity on‑chain. Related Reading: XRP Outlook For 2026: AI Model Signals New Record Ahead — Can Price Reach $6? Chainalysis noted that this regional concentration is further supported by off‑ramping behavior observed on the blockchain. As detailed in the report, CMLNs now routinely launder more than 10% of funds stolen through so‑called “pig butchering” scams. The pace at which these networks have grown stands out even within the broader crypto crime landscape. Since 2020, inflows to identified CMLNs have increased 7,325 times faster than those to centralized exchanges (CEXs). Growth has also outstripped other laundering channels, expanding 1,810 times faster than decentralized finance (DeFi) platforms and 2,190 times faster than illicit on‑chain flows that remain within criminal ecosystems. While CMLNs are not the only actors involved in crypto laundering, Chainalysis found that Chinese‑language, Telegram‑based services now represent a disproportionately large share of attributed global laundering activity. Cross‑Border Crime At Scale The report also shows that CMLNs function openly across multiple platforms and rely on complex, multi‑layered systems. Their operations are characterized by industrial‑level processing capacity and a high degree of technical sophistication. In 2025 alone, Chainalysis identified six distinct service types that together form the CMLN ecosystem. Combined, these services processed $16.1 billion in illicit inflows during the year. The number of active entities within these networks has also grown rapidly, expanding from a small number of wallets just a few years ago to more than 1,799 active on‑chain wallets in 2025. Related Reading: Tether Reveals Massive Gold Accumulation In Q4: Adds 27 Tons To Reserves Tom Keatinge, Director at the Centre for Finance & Security at the Royal United Services Institute, said the speed and scale of these networks are the result of converging global forces. He noted that Chinese money laundering networks have rapidly evolved into “multi‑billion‑dollar cross‑border operations” offering efficient and competitively priced services to organized crime groups across Europe and North America. Chris Urben, Managing Director at Nardello & Co, highlighted another major shift within these networks. He explained that Chinese money laundering groups have increasingly moved away from informal value transfer systems, such as traditional underground banking methods. Instead, Urben emphasized that these criminals have embraced cryptocurrencies as a “faster and more discreet way” to move funds across borders, eliminating the need for complex manual ledgers spread across multiple jurisdictions. Featured image from DALL-E, chart from TradingView.com
Chinese-language networks now handle a disproportionate share of global crypto money laundering flows, according to a new Chainalysis report.
In an exclusive interview with CoinDesk, Immuneifi’s CEO, Mitchell Amador, said onchain security is improving despite losses continuing to rise.
Chainalysis said Iran’s crypto ecosystem topped $7.78 billion in 2025 as IRGC-linked activity grew and BTC withdrawals surged during unrest.
Amid protests and economic crisis, Iranians are increasingly withdrawing bitcoin from exchanges to personal wallets.
Scams and fraud against individuals are increasing and if the trend continues, they could soon surpass crypto stolen via cyberattacks, Chainalysis said.
Chainalysis reported crypto crime hit $154 billion in 2025, driven by state-linked hacking, sanctions evasion and stablecoin-based laundering.
North Korea-linked hackers drove a record year for crypto thefts, favoring rare but massive attacks on centralized services, led by Bybit’s $1.4 billion breach.
Chain analysts and law enforcement are sounding the alarm about a type of fraud known as “pig-butchering,” in which criminals groom victims online and push them into fake crypto investments. Related Reading: XRP Earns Academic Praise: University Study Calls It ‘Gold In Your Hands’ According to Chainalysis, crypto scams sent close to $10 billion on-chain in 2024, with pig-butchering revenue growing almost 40% year-over-year and the number of deposits into those scams rising more than 200% — even as the average deposit size fell roughly 55%. These shifts point to a model that now relies on many more victims paying smaller amounts, making the operation both lucrative and hard to trace. Organized Networks Behind The Scams Investigators say these are not lone fraudsters. Reports have disclosed that scam networks operate like organized criminal enterprises, sometimes using trafficked workers in compounds to call, message and manage victims. Victim grooming can span weeks or months, turning emotional manipulation into a steady revenue stream for the gangs. Research and reporting have tied some of these operations to regions in Southeast Asia and to groups that move money through concentrated crypto wallets. AI And Marketplaces Help Scammers Scale Law enforcement and analysts warn that generative AI and service markets are making the pig butchering scams cheaper and faster to run. According to Chainalysis and multiple news outlets, AI tools are being used to create convincing chatbots, voice clones and fake profiles, while online marketplaces sell domain services and hosting that let scammers spin up lifelike investment sites. That combination has helped fraud operators widen their reach and target more people at once. Infrastructure And Sanctions Authorities have started to hit the infrastructure that supports the scams. The US Treasury’s OFAC sanctioned a Philippines-based firm, Funnull Technology Inc., and its alleged administrator for supplying internet infrastructure and tools used by fraud networks. Chainalysis and other researchers tied Funnull’s services to sites used in pig-butchering, and US losses linked to those operations were said to exceed $200 million in some investigations. Sanctions aim to cut off access to the web services scammers use to appear legitimate. Related Reading: Dogecoin Alert! Price Could Explode Over 2,800%, Analyst Says Exchanges And Stablecoin Issuers Help Freeze Illicit Funds Private companies have been part of the response. In a coordinated effort with APAC law enforcement, Chainalysis, exchanges and stablecoin issuers helped trace and block nearly $47 million in USDT that had been consolidated by scammers into a few wallets. Earlier actions involving other cases led to much larger freezes. Those moves show how industry cooperation can stop some cash-outs before criminals convert crypto into fiat. Featured image from Unsplash, chart from TradingView
USDT and USDC continue to lead global stablecoin flows, but EURC and PYUSD are rising fast as institutional rails expand
APAC emerged as the fastest-growing crypto market in the year through June 2025, with on-chain activity up 69% year-over-year.
Welcome to Slate Sundays, CryptoSlate’s new weekly feature showcasing in-depth interviews, expert analysis, and thought-provoking op-eds that go beyond the headlines to explore the ideas and voices shaping the future of crypto. Crypto crime is on the rise. From the first epic hack of mighty Mt. Gox to the intricate OneCoin scam orchestrated by nefarious Bulgarian […]
The post The many faces of crypto crime and the relentless cat-and-mouse chase appeared first on CryptoSlate.
Chainalysis says rising wallet attacks and costly laundering fees could push losses past $4 billion this year.
As the market soars with bullish momentum, crypto theft has also seen a record-breaking performance during the first half of this year. A recent report revealed that stolen funds from services so far have surpassed the numbers from previous years. Related Reading: Crypto Relief: House Advances GENIUS, CLARITY, Anti-CBDC Bills After Narrow Vote Stolen Crypto Service Funds Hit $2B In 6 months On Thursday, Chainalysis shared its “2025 Crypto Crime Mid-Year Update,” revealing that digital assets theft this year has been “more devastating” than the entirety of 2024, with over $2.7 billion worth of funds stolen from crypto services so far. The report noted that, by the end of June, more value had been stolen year-to-date (YTD) than during the same period in 2022, the previous worst year on record, suggesting that theft from crypto services could potentially increase another 60% by year’s end. 2025’s YTD activity shows a significantly steeper trajectory into the end of the first half than any previous year, with an alarming velocity and consistency. 2022 required 214 days to hit the $2 billion mark in value stolen from services, while 2025 reached comparable theft volumes in 142 days. Additionally, 2025 is 17.27% worse than 2022 during the same six-month period, while 2023 and 2024 saw more moderate and steady accumulation patterns. The surge in the cumulative trend value from crypto services theft “paints a stark picture of 2025’s escalating threat environment.” According to the report, “If this trend continues, we could see 2025 end with more than $4.3 billion stolen from services alone.” However, it’s worth noting that the North Korean-linked $1.5 billion hack of Bybit accounts for most of the service losses. The massive breach, which is the largest crypto hack in history, signals a “broader pattern of North Korean cryptocurrency operations, which have become increasingly central to the regime’s sanctions evasion strategies.” Last year, known North Korean-related losses reached their highest number, with the value reaching $1.3 billion. Nonetheless, Bybit’s February hack surpassed it, making 2025 the worst year to date. Personal Wallet Attacks Surge Amid the shifting landscape, the report highlights that the surge in crypto thefts represents an immediate threat to participants. Notably, attackers are increasingly targeting individual users, as personal wallet incidents represent a growing share of total ecosystem theft. YTD, these compromises account for 23.35% of all stolen funds activities in 2025, with Bitcoin (BTC) theft accounting for a substantial share of stolen value. Chainalysis also found that the average loss from compromised personal BTC wallets has increased, suggesting a deliberate target on higher-value individual holdings. Moreover, the number of individual victims on non-Bitcoin and non-EVM chains, like Solana, is increasing. This suggests that Bitcoin holders experience larger losses in terms of value taken, despite being less likely to fall victim to targeted theft. Related Reading: SUI Eyes 140% Move As Price Reclaims $4 – New ATH Imminent? Within the personal wallet incidents, a violent subsection has also seen a dramatic surge this year, showing a correlation with BTC price movements and suggesting opportunistic targeting during high-value periods. The forward-looking implication is that, if the value of native assets increases, the value compromised from personal wallets will also likely rise. Per the report, theft using physical violence or coercion against individuals, also known as “wrench attacks,” could potentially hit twice the number of 2021, the next highest year on record. As of this writing, Bitcoin is trading at $119,807, a 14.8% increase in the monthly timeframe. Featured Image from Unsplash.com, Chart from TradingView.com
The crypto industry is on track to witness record-breaking thefts in 2025, with over $2.17 billion already stolen from crypto services as of mid-July, according to a new report from Chainalysis. This figure surpasses the total amount stolen in all of 2024 and suggests a troubling upward trend in digital asset crime. A significant portion […]
The post Crypto criminals now pay 14x higher fees to evade detection, Chainalysis reports appeared first on CryptoSlate.
The Swiss blockchain analytics firm said it found a trove of off and on-chain data to suggest Grinex is a direct successor to Garantex.
A new report from the analytics firm says that sanctioned jurisdictions and groups were responsible for 39% of illicit crypto transactions last year.
Peer-to-peer marketplace Huione Guarantee has become a go-to place for crypto scammers for infrastructure and money laundering.
The crypto industry saw ransomware payments decline by 35% in 2024, falling to $813 million from the previous year’s $1.25 billion, according to Chainalysis‘ 2025 Crypto Crime Report. According to the firm, this marks the most significant annual decline in ransomware revenue over the past three years. Crypto ransomware 2024 Despite an initial uptick in […]
The post Crypto ransomware revenue drops 35% to $813 million in 2024 amid tougher crackdowns and victim resistance appeared first on CryptoSlate.
According to the blockchain analytics firm, less than half of recorded ransomware attacks resulted in victim payments.
2024 saw nearly $41 billion worth of illicit crypto volume, but that could climb to around $51 billion as more criminal-tied addresses are found, Chainalysis says.
Alterya's AI driven fraud models have "substantial opportunities in the traditional market."
The advent of generative AI has made it easier for scammers to target crypto and other real-time payment systems.
Hackers connected to the reclusive nation whose entities are often targeted by US sanctions reportedly doubled the amount of crypto they stole in 2023.
The buyout marks a pivot toward threat prevention for Chainalysis.
Crypto hackers had a busy year in 2024 and cybersecurity experts warn that continued advances in artificial intelligence could bring new attack vectors in 2025.
The company’s former chief strategy officer, Jonathan Levin, assumed the role of CEO and offered his thoughts to Cointelegraph on the future of the industry.