Dirty Coins: How They End Up in Wallets and How They Are Tracked

Cryptocurrency owners frequently experience dirty coins firsthand. What are they, and why are such assets becoming easier to track?

People who don't keep an eye on so-called "dirty" cryptocurrencies can wind up with these marked assets in their wallets. Many large platforms have blocked such wallets, and proving innocence can sometimes be challenging.

Specialists in analytical systems can change the data on cryptocurrency addresses to connect funds with illegal activity, even if a significant amount of time has passed since they were received.

Large centralized exchanges (CEX) are among the most law-abiding market participants. They typically follow the recommendations of the Financial Action Task Force (FATF), an intergovernmental organization dedicated to combating money laundering, terrorist financing, and other threats. They also use specialized analytical tools to check the purity of cryptocurrency at the entry stage, making it unlikely that "dirty" assets will be received on such platforms.

However, the risk arises if the exchange is subject to sanctions, from which all associated funds can be marked as sanctioned.

In contrast, decentralized services (DEX) can operate without licenses, in a gray area, and do not adhere to anti-money laundering (AML) requirements, which increases the likelihood of receiving “dirty” cryptocurrency.

How can ‘dirty’ coins end up in a wallet?

Regulated trading platforms and exchangers keep a close eye on the movement of cryptocurrencies linked to criminal activity. They record assets that have been involved in illegal transactions.

Fraudsters use various schemes to conceal their actions and "clean" the coins, including crypto mixers, splitting transactions into small amounts, unregulated platforms, gambling, prepaid cards, and crypto ATMs.

As a result, even the most law-abiding users may wind up with "dirty" cryptocurrencies in their wallets. It is impossible to purchase such assets on regulated exchanges and exchangers that operate according to KYC/AML requirements because they cannot be received on their platforms.

However, users can easily purchase digital assets on an unregulated platform or a dubious exchange or accept them as payment.

How to track ‘dirty’ coins

Regulated exchanges closely monitor the circulation of compromised coins, following regulators' directives. Since January 2020, the EU's Fifth Anti-Money Laundering Directive has been in effect, requiring platforms to monitor users' crypto transactions, maintain records, share data, and report suspicious transactions to authorities.

Large platforms have special units responsible for monitoring suspicious transactions. Bots, automatic notification systems, and manual checks identify “dirty” coins. Exchanges wield mixers, programs, and services for anonymizing transactions and laundering funds, which can lead to account blocking. Exchanges are not interested in the purpose for which the user used the mixer.

International AML standards don't prohibit mixers, but exchanges are cautious. They usually do not block accounts where coins have been noticed to have passed through a mixer. Still, such wallets are subject to additional surveillance.

Exchanges mainly use external solutions to optimize AML processes to monitor suspicious transactions. The most popular solutions are Chainalysis, CipherTrace, and Elliptic, which are used by regulated exchanges, exchangers, and law enforcement agencies.

For example, CipherTrace tracks the bulk of all digital assets. Its system monitors crypto transactions and assigns wallets a risk level on a ten-point scale, depending on whether the funds were used in scam projects, mixers, darknet purchases, hacker attacks, extortion, drug trafficking, and terrorist financing.

All compromised wallets and coins are added to a blacklist, which is accessible to trading platforms using the CipherTrace solution. After that, the exchange systems only have to block “dirty” funds and close accounts found to be violating AML requirements.

Anonymous cryptocurrency

Anonymous cryptocurrencies, designed to provide high privacy and anonymity, have implemented technologies primarily created to ensure the anonymity and privacy of transactions without external crypto mixers.

One of the most famous anonymous cryptocurrencies is Monero (XMR). The principle of Monero is that each transferred token is mixed with many other transactions, so it is impossible to track who sent Monero to whom.

However, in reality, the anonymity of XMR has often been questioned. Monero's anonymity problems were especially noticeable until February 2017, but the developers fixed the code afterward. Thus, all transactions made before this time can be tracked; moreover, even after the code change, some loopholes remain with which it is possible to track the senders of transactions; experts from Princeton University, Carnegie Mellon University, Boston University, Massachusetts Institute of Technology and the University of Illinois at Urbana-Champaign found out.

“Monero mixins are sampled in such a way that they can be easily distinguished from the real coins by their age distribution; in short, the real input is usually the newest input.”

Monero's anonymity was also established relatively recently — in 2024, there were several known cases where the supposedly anonymous cryptocurrency was tracked.

For example, in January, the Finnish National Bureau of Investigation reported tracking XMR associated with hacker Julius Kivimäki.

Later in September, a video leak by

The above is the detailed content of Dirty Coins: How They End Up in Wallets and How They Are Tracked. For more information, please follow other related articles on the PHP Chinese website!