Hackers funnel stolen crypto through Exch.cx exchange

Crypto exchange platform Exch.cx is being used as a conduit for stolen funds, primarily to convert them into the untraceable cryptocurrency Monero (XMR). The platform’s inability to trace transactions beyond this point has made it an attractive option for crypto crooks.

The platform has been embroiled in major hacks and asset leaks. For instance, Exch.cx has been implicated in the Lykke service hack and the laundering of assets by the notorious DPRK group.

In February 2024, researchers observed that after the hack and theft of funds from FixedFloat, hackers used Exch.cx to launder the stolen cryptocurrencies.

These events, and others involving so-called ‘drainers,’ have underscored the platform’s vulnerabilities and its appeal to the criminal underworld.

Researchers believe that a critical factor contributing to Exch.cx’s popularity among criminals is its apparent disregard for anti-money laundering regulations.

Assets labelled ‘Stolen Funds’ must be blocked immediately until the circumstances are clarified. However, Exch.cx has consistently failed to meet this requirement, continuing to process these transactions without any hindrance, raising serious suspicions about the platform’s possible involvement in money laundering activities.

Image source: Match Systems

“In all of these cases, assets sent to this platform were already labelled ‘Stolen funds’, which requires them to be blocked immediately until the circumstances are clarified. However, Exch.cx does not fulfil these requirements and continues to process such transactions without any obstacles, which raises serious suspicions of its involvement in money laundering,” note researchers.

Cybersecurity experts’ main cause for concern is that, despite being marked suspicious, transactions associated with the DPRK group have freely entered the exchange and remained unblocked.

Similarly, in the case of the Lykke exchange hack, marked cryptocurrency assets were leaked through Exch.cx without the platform’s intervention.

Researchers conclude with high confidence that such incidents occur due to the probable lack of AML risk assessment tools at Exch.cx. While the platform responds to law enforcement requests, the information it provides is often vague and lacks critical data about clients involved in suspicious transactions. This non-cooperative stance significantly hampers investigations, making it difficult to apprehend criminals.

“This case is not an isolated one in the cryptocurrency world. Many similar platforms provide criminals with the opportunity to safely transfer and launder stolen assets while evading legal liability and regulatory compliance. The lack of strict AML policies and inaction on Stolen funds only reinforces these negative trends, creating a haven for illicit financial transactions,” concluded researchers.

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me
