Crypto crime in 2022: scams, OFAC and the police

Crypto crime in 2022: scams, OFAC and the police

“Crypto is a tool for criminals.”

We all know this narrative has as much sense as “all cars are used for bank robberies”.

Still, there are some bad apples out there, and some illicit activity does happen on the blockchain. Good news: it can be tracked and examined using on-chain analysis 👨‍💻🔎

Weekly stories are first featured in our Newsletter. Subscribe here to receive it directly in your mailbox every Monday.

After all, the blockchain is transparent – unlike traditional finance, which is an opaque and siloed system that often needs journalist investigations for any wrongdoings to become public 🤐

On-chain analytics firm Chainalysis has recently published a report on crypto crime in 2022, sharing some interesting trends:

 📌 illicit transaction volume increased by 14% to $20.6 billion

📌 however, 43% of that amount came from sanctioned addresses – a new category emerging due to OFAC’s intense activity in 2022

📌 transaction volumes of scams and darknet-generated transactions have fallen, while those of the hacker attacks have increased slightly due to North Korean hackers

📌 the share of all crypto transactions associated with the illicit activity is still very small – 0.24% 🤏

We’ve combed through the report for you, trying to answer questions like:

❓ what scams most people have fallen for this year

❓ which protocols were most hacked

❓ were OFAC sanctions effective

❓how is illicit crypto laundered

❓how does law enforcement act on crypto crime

Crypto scams in 2022

According to Chainalysis, crypto scam revenue dropped 46% in 2022 to $5.9 billion. This is mostly due to the bear market, as scam performance tends to worsen when cryptocurrency prices are in decline.

The firm, however, did not count some high-profile cases like Celsius, 3AC, and FTX, because their alleged frauds concerned off-chain bookkeeping and not on-chain data.

What were the most popular scams in 2022?

All ten of 2022’s top scams were investment scams (fraud scams) 🏗️, in which fraudsters promote a fake investment company promising outsized returns. The biggest one was Hyperverse, which pulled in nearly $1.3 billion in revenue.

The scams that were most destructive on a revenue-per-victim basis were romance scams 🌹, in which the fraudster pretends to build a romantic relationship with the victim to convince or guilt them into sending them money.

Other popular scam types include:

Impersonation scam (phishing 🎣), in which fraudsters pretend to be someone in a position of authority or expertise and tell victims they must send in cryptocurrency to correct some kind of problem or avoid getting in trouble.

Giveaway scams 🎁, in which fraudsters solicit victims to send them cryptocurrency, promising to send them more in return. Giveaway scammers often impersonate celebrities to lend credence to the promise.

NFT scams, in which fraudsters trick victims into buying fake NFTs designed to resemble more notable collections 🦧

BanklessDAO, a decentralized crypto media, surveyed 354 crypto users last December, focusing on scam frequency, and found that:

📌 66% of users have encountered a crypto scam, while 39% have lost money to it

📌 Two most popular scam types were phishing attacks (46%) and fraud scams (32%)

📌 Users have lost an average of $2’900 to scams

📌 Users with high transaction activity (> 20tx/year) were x2 likely to be scammed

Beyond pure scams, the crypto space has seen much market manipulation, notably in the so-called pump-and-dump schemes – a technique coming from traditional finance, where holders of a stock will heavily promote it to other investors, causing the price to rise rapidly as new investors buy 📈, and then massively selling their stocks, causing the price to plummet 📉 .

According to Chainalysis, 24% of new tokens launched in 2022 bear on-chain characteristics of pump-and-dump schemes.

Crypto sanctions 📃

OFAC has been sanctioning crypto-related activity since 2018: at first punctually, but gaining more confidence in 2021 and setting a legal precedent in 2022 by sanctioning not only individuals but also smart contracts, like those of Tornado Cash 🌪️, a mixer.

The last decision was highly contested in the US, because, unlike other sanctioned entities, Tornado Cash was decentralized.

Here’s the list of OFAC-sanctioned entities related to crypto:

Are OFAC sanctions effective?

Putting a crypto address on the OFAC list means that no US person can interact with them, which implies that the sanctions can be effective only in jurisdictions friendly to the US 🦅

Thus, russian darknet market Hydra (world’s biggest at that time) had its Germany-based servers seized by the German police and stopped working, while russian high-risk crypto exchange Garantex is still operating from russia.

DeFi services like Tornado Cash cannot be switched off (even if the web interface goes down, smart contract keeps running on the blockchain), which means that people with a certain set of skills still can use it. However, since not everyone has that set of skills and few people want to mess with the American government, Tornado Cash inflows have fallen by 68% in the 30 days following its designation.

Crypto hacks 🏴‍☠️

2022 was the biggest year ever for crypto hacking, with the equivalent of $3.8 billion stolen.

Which protocols were most hacked?

DeFi protocols accounted for 82.1% of all crypto thefts for a total of $3.1 billion — up from 73.3% in 2021.

Of that $3.1 billion, 64% came from cross-chain bridge protocols 🌉, which introduce a point of centralization that hackers are always ready to exploit (more on cross-chain bridges’ vulnerability here).

North Korea-linked hackers (like those from the Lazarus Group) represent the majority of attackers, stealing an estimated $1.7 billion worth of crypto in 2022. These hackers are also known to use crypto mixers to try and obfuscate the trace of funds, which pushed the OFAC to sanction Tornado Cash.

How is illicit crypto laundered? 🧼

Overall, illicit addresses sent nearly $23.8 billion worth of cryptocurrency in 2022. It represents 0.27% of the total crypto transactions volume.

For comparison, the UN estimates that fiat money laundering represents 2 – 5% of global GDP, or $800 billion – $2 trillion per year 👀

Half of it went to centralized exchanges, signaling that conversion to fiat is still crucial, and showing exchanges’ compliance teams they must stay vigilant.

Contrary to popular opinion, DeFi protocols are not very favored for laundering money – most of all because they are transparent by design. Still, the amount of illicit funds that went through DeFi increased to 24%, as most crypto was stolen from DeFi.

Is law enforcement keeping up? 👮

One of the reasons many crypto scams go unreported, or reported very late, is that most people still think that crypto transactions are anonymous 🤦‍♀️ What’s more, even some law enforcement officers think so, making it hard for scam victims to get help.

This is changing though, with the record amount of crypto seized by the US authorities:

👮‍♀️$3.6 billion seized from two persons involved in the Bitfinex hack

👮‍♀️$3.36 billion in Bitcoin stolen from the darknet market Silk Road (seized in the end of 2021, but announced only next year)

👮‍♀️$30 million hacked from Ronin bridge seized from Lazarus Group

👮‍♀️$25 million seized from Hydra darknet market (in cooperation with German police)

👮‍♀️Other stories include the Dutch National Police tricking the ransomware strain Deadbolt into giving up victim decryption keys and London Metropolitan Police using blockchain analysis to track drug traffickers.


All in all, crime as a share of all crypto activity is still trending downwards, and law enforcement is progressively getting better at tracking cyber criminals. The best thing we can do to decrease crypto’s illicit activity even further is to be vigilant and not let ourselves be scammed ✌️

Keep safe ! 😘