How Chinese adepts launder Bitcoins worth millions of dollars

While the whole world is overwhelmed with the Covid-19 situation, some of the celestial people are busy inventing new ways to add money to their crypto wallets. CipherTrace, an analytical platform, has done an in-depth research and analysis on how two Chinese citizens managed to launder cryptocurrencies worth about $100 million. In the USA, they were accused of having previously obtained these Bitcoins illegally hacking the cryptocurrency exchange.

Attention! Let’s make it clear right away, that the AMLSafe service helps to avoid such situations by checking cryptocurrencies for linking to illegal activities.

Anti MoneyLaundering

In retrospect

No matter how complicated was the laundering scheme they invented, all the steps of their scam journey were eventually traced. OFAC, The US Office of Foreign Assets Control, provided evidence that the two Chinese citizens were certainly involved in fraudulent activities, that is the cryptocurrency exchange hacking. Moreover, on March 2, it was discovered that Li Jiadong and Tian Yinying were related to a hacker organization Lazarus, accused of working for North Korea.

According to the US Department of Treasury, the estimated amount of stolen cryptocurrency is $234 million, of which $100 million were transferred to a multi-currency crypto wallet via a labyrinth of different banks and servers (including those registered in North Korea).

Laundering scheme

To stay under the radar, the Chinese scammers carefully planned and applied the so called “peel chains” scheme. The scheme let them bypass the security system of the crypto exchange and do the laundering unnoticed. The accomplices created a whole network of Bitcoin wallets to transfer cryptocurrency to adjacent addresses. After each transfer, a small remaining balance in the amount of 1-5 Bitcoins was transferred back to the crypto exchange.

Overall 146 blockchain wallets were involved in the scheme, and small amount of coins from each of the wallets ended up on the exchange. The equivalent amount in US dollar is $100 million, and they use only two crypto exchanges for this fraud.

Why didn’t the KYC procedure work?

KYC (Know Your Customer) is the procedure used in financial institutions to identify the counterparty before the transaction is made.

To complete the KYC procedure, a user has to present an identification card and address of residence and pass the face verification process. To verify the identity of the owner of the documents a user has to present a photo of self with clearly visible identification information.

Those sophisticated scammers simply used photoshop to deceive the KYC service of the crypto exchange. And not only they photoshopped fake IDs but changed the pictures of the men holding them as well – the heads and the bodies on the photos belong to different people.

In a similar fashion Li linked bank accounts in different banks with his account on the exchange. After laundering the money, he made about 2000 deposits to these banks totaling $32,848,567.

The dangerous consequences

After the laundering scheme was revealed and the connection between the funds and the previously revealed exchange hack was established, all the scammers’ assets, now in possession of physical and legal entities in the USA, must be blocked and transferred to OFAC.

Moreover, all parties making transactions with Tian and Li or with authorized addresses of their wallets, can fall under investigation or violate the sanctions.

113 accounts of virtual assets associated with these theft and money laundering processes may be confiscated by the USA services. This right comes into effect with the fact that these illegal actions affect financial services with customers and accounts from the USA.


Chainalysis company states that the past 2019 year set a record for hacker attacks committed against cryptocurrencies.

On the one hand, the FATF has published the new AML rules to regulate activities in the digital currency segment. According to relevant laws, all cryptocurrency exchanges must verify identities of receivers and senders of digital assets.

On the other hand, KYC is not a panacea and not an ultimate security system. It has its weak spots, as we can see in the Chinese scammers experience.

Services like AMLSafe check the specified crypto wallet with a database of illegal addresses, to prevent a user from receiving assets associated with fraudulent activities like the one mentioned above.

AMLSafe minimizes the risk. This service is recommended to use at all times to decide which Bitcoin wallet to choose and avoid the possibility of being linked to crypto wallets with illegal activity. So before you go on and transfer the funds, check it out, otherwise you risk losing all your digital assets and find yourself in conflict with law.