The Frankfurt am Main Public Prosecutor’s Office – Central Office for Combating Internet Crime (ZIT) – and the Federal Criminal Police Office ( BKA ) have shut down 47 exchange services hosted in Germany that were “being used for criminal purposes.”
These were platforms on which conventional currencies and cryptocurrencies “could be exchanged.”
The operators of the now-deactivated exchange services “are accused of knowingly concealing the origin of criminally obtained funds on a large scale through inadequate implementation of legal requirements for combating money laundering ( so-called know – your – customer principle), and thus of having committed money laundering and operating criminal trading platforms on the Internet.”
Specifically, the exchange services enabled “exchange transactions without going through a registration process and without checking proof of identity (so-called know-your- customer principle).”
The offer was aimed at exchanging cryptocurrencies “for other crypto or digital currencies quickly, easily and anonymously in order to conceal their origin.”
Exchange services that enable such anonymous financial transactions and thus money laundering represent “one of the most relevant building blocks in the criminal value chain of the cybercrime phenomenon.”
Among the users are ransomware groups, darknet traders and botnet operators who use such services to introduce ransom money or other proceeds of crime “into the regular currency cycle in order to be able to utilize the money obtained through criminal means.”
As part of the measures, the BKA and ZIT were able “to secure extensive user and transaction data from the switched off exchange services.”
This data represents valuable investigative “approaches in the fight against cybercrime.”
In order to combat cybercrime sustainably, personal investigations, i.e. the identification and successful prosecution of criminals, “are an important and effective approach.”
However, since cybercriminals often reside abroad and are tolerated or even “protected by some countries, they often remain inaccessible to German law enforcement.”
The measures taken by the German law enforcement authorities “are therefore also aimed at weakening and dismantling the infrastructure of cyber criminals.”
This infrastructure approach has recently “enabled the underground economy to be deprived of considerable financial resources.”
In addition, IT systems and data have been seized, which have led to further investigations.
In 2023, for example, the server “infrastructure of ChipMixer, the world’s top-selling crypto mixer on the darknet, was seized and the equivalent of around 90 million euros was secured. In addition, the infrastructure of several criminal marketplaces was seized – including Kingdom Market.”
In addition, the malware Qakbot was taken offline in 2023 and Emotet in 2021.
Both were among the top threats from cyberspace and caused damage amounting to several hundred million euros worldwide. In 2024, the international operation “Endgame” was directed against six of the largest malware families and “targeted their infrastructures, specific actors and their financial resources.”