Experts from Elliptic, a blockchain analytics company, say that since 2020, the RenBridge cryptocurrency bridge has been used by hackers, scammers and others to launder money. To date, at least US$540 million has passed through RenBridge.
Like many other cross-chain bridges, RenBridge is positioned as a kind of alternative to exchanges, allowing you to easily convert cryptocurrencies (for example, ZCash and Bitcoin) to Ethereum, and then to other blockchains.
At the same time, according to analysts, “cross-chain bridges are not only legitimate tools, but also become a key tool for money laundering,” as they allow you to avoid regulation and easily move money between networks.
The expert report states that RenBridge has been used by criminals for a long time. For example, according to them, $33.8 million was laundered across the bridge, stolen in 2021 from the Japanese exchange Liquid, and this attack is attributed to North Korean hackers. Also, about $153 million related to the operations of various ransomware programs allegedly passed through RenBridge, and it is reported that the bridge is especially popular among Russian-speaking groups.
Sometimes the stolen funds even come from other cryptocurrency bridges. For example, last week the Nomad cross-chain bridge lost almost $200 million due to a bug in a smart contract. Analysts at Elliptic write that just hours after exploiting the vulnerability, some of the thieves sent the stolen funds (totaling $2.4 million) through RenBridge.
The researchers conclude that while crypto-currency bridges like RenBridge can pose a big problem for regulators and law enforcement agencies, since in their case there is no central provider that provides cross-chain transactions. “It remains to be seen how this type of activity can be regulated,” the experts conclude.