AUG 29, 2023
Unveiling the Dark Cryptocurrency Underworld in Southeast Asia
by 吴说猫弟, WuBlockchain
In recent times, the Chinese anti-fraud promotional film "No More Bets" has gained immense popularity. Within the plot, overseas fraud syndicates employ an attractive female persona to deceitfully involve victims in cryptocurrency Ponzi schemes, ultimately swindling their funds. As this storyline unfolds, along with the concentrated exposure of illicit activities in the Southeast Asian gray market, numerous viewers have found resonance in the narrative.
Art derives from life, and cryptocurrency, as a novel vehicle of value and transmission, has been extensively adopted by criminal groups in Southeast Asia. It leaves its mark in activities encompassing online gambling, fraud, and money laundering, among others. Its attributes of anonymity, decentralization, and borderlessness make these illicit activities more covert, enabling swift fund circulation and presenting challenges to law enforcement agencies.
Fortunately, blockchain ledger data is publicly transparent. Leveraging a wide range of address labels and open-source network intelligence, cryptographic analysts can trace funds involved in unlawful cryptocurrency activities through on-chain analysis. This article aims to elucidate through data:
●Tether (referred to as USDT hereafter) is widely utilized in illicit and gambling activities across Southeast Asia. In Bitrace's monitored addresses, the scale exceeded 115 billion USDT in 2022;
●The inflow of USDT contributes to risk propagation to numerous addresses and platforms, inadvertently linking them to unlawful platforms. In 2022, over 14.6 billion USDT flowed into trading platform accounts;
●The outflow of USDT from Southeast Asian illicit platforms primarily burdens major exchanges. However, operators and gamblers of gray and black market platforms in Southeast Asia, predominantly of Chinese origin, exhibit a preference for a minority of exchanges.
Cryptocurrency Ponzi Scheme Example
Among the various illicit industries in Southeast Asia, telecom fraud stands out as one of the most notorious. In the realm of new technologies, cryptocurrency Ponzi schemes, often referred to as romantic scams, have become increasingly prevalent in recent years. These schemes frequently intertwine with investment fraud. Fraudulent groups identify targets online, creating alluring personas to develop romantic relationships with victims. They then strategically induce these victims to participate in cryptocurrency investments. Once the victims have invested substantial sums of money, they often experience supposed "losses," are coerced into paying "taxes" or additional fees, or find themselves unable to retrieve their principal.
An illustrative case occurred in 2021 in Xiaoshan, Hangzhou. In this Ponzi scheme, victims were enticed to participate in cryptocurrency investments on a platform named "Asia-Pacific Exchange." After victims purchased USDT on other trading platforms and transferred the funds to this particular platform, fraudsters manipulated backend data to rapidly inflate the victims' "profits." Throughout the process, the fraudsters used persuasive language to continually pressure victims to invest more funds. When victims attempted to withdraw their earnings, they were told to pay taxes or face withdrawal restrictions. In pursuit of gains, the victims resorted to reckless borrowing and even mortgaged their properties, resulting in a cumulative investment of 12 million Chinese Yuan worth of USDT. Ultimately, their efforts were in vain.
In fact, the portrayal of individuals engaging in online romantic relationships with victims is fabricated, the investment platform is fraudulent, and the so-called "taxes and fees" are baseless claims. Upon post-incident fund analysis, we have observed that more than one victim has fallen prey to this scheme, and the funds deposited were swiftly funneled into a water house located in Laos after a simple consolidation.
Instances of telecommunications fraud like this, where illicit proceeds are channeled into Southeast Asian money laundering hubs through cryptocurrency, are numerous.
Exceeded $115 billion USDT involving cryptocurrencies illegally in Southeast Asia in 2022
Leveraging extensive data from high-risk blockchain addresses and employing advanced trace analysis technology, Bitrace consistently monitors the inflow and outflow of funds in addresses associated with prominent illicit platforms in Southeast Asia. This enables the timely identification of cryptocurrency funds linked to unlawful activities such as online gambling, scams, money laundering, theft, ransomware, and terrorism.
The research conducted on these types of addresses further indicates that despite garnering significant attention in news and public discourse, the magnitude of cryptocurrency fraud activities on platforms monitored by Bitrace constitutes only a minute fraction of the overall scale of illicit activities and gambling funds in Southeast Asia.
According to the DeTrust risk data platform under Bitrace, a total of over 115 billion USDT flowed into addresses of certain Southeast Asian platforms in 2022. This mainly included 37.16 billion USDT in online gambling funds and 69.78 billion USDT in money laundering funds, with less than 460 million USDT related to fraudulent activities.
Looking at the monthly data, it's evident that the funding scale throughout the entirety of 2022 remained relatively stable. This indicates that such cryptocurrency-involved activities were not significantly influenced by the fluctuations in the cryptocurrency market, to some extent achieving resilience against market volatility. This might suggest that participants or victims, in fact, do not fit the conventional definition of cryptocurrency investors.
14.6 billion contaminated USDT flowed back from Southeast Asia in 2022
Previously, Bitrace disclosed pollution data targeting prominent centralized trading platforms through the use of USDT as a conduit in the TRON network's gambling-related incidents. As the number of illicit entity address labels continued to rise and tracing analysis of associated address funds progressed, we have, in conjunction with the inclusion of additional network and trading platform addresses, obtained a more comprehensive set of pollution data involving USDT as an intermediary.
Scatter plots depicting risk capital data collected from trading platforms (horizontal axis)
Risk capital's pollution of cryptocurrency trading platforms follows the Matthew effect. Among them, the largest player, Exchange A, has seen a greater influx of polluted USDT from Southeast Asia into its business address, including 38.87% from online gambling funds, 60.02% from money laundering funds, 43.94% from other illicit activity funds, and 70.59% from fraudulent funds.
Beyond the factor of size, certain types of polluted USDT also exhibit preferences for different trading platforms. For instance, considering Exchang B, which comprises 12% of the business volume and serves a substantial number of Chinese users, in terms of other illicit activity funds and online gambling funds, Exchange B's business address has received 33.24% and 38.39% respectively, which is nearly on par with Exchange A. This may be due to the fact that most operators of gray and black market platforms in Southeast Asia, as well as gamblers, casino agents, and the operators of fourth-party payment platforms that facilitate cryptocurrency settlements for casinos, are Chinese. This leads to an influx of related funds disproportionately compared to their business volume.
Our industry is facing significant anti-money laundering challenges. Prominent mixing service platform TornadoCash has been sanctioned by the U.S. Department of the Treasury for allegedly assisting certain hackers in money laundering. Previously, numerous centralized or decentralized cryptocurrency institutions have been sued by government agencies for indirectly aiding hackers. For other cryptocurrency entities, compliance may be the only path forward.