The professionalization of the illicit onchain ecosystem reached a new quantitative peak in 2025 as sovereign states integrated with established criminal supply chains to bypass global financial restrictions.
According to a new Chainalysis report shared with The Block on Jan. 8, total value received by illicit cryptocurrency addresses climbed to $154 billion for the year. This figure represents a 162% increase over the previous year’s revised total, a shift the blockchain intelligence firm said was driven largely by a surge in activity linked to sanctioned entities, including state-level sanctions evasion.
Notably, Chainalysis emphasized that the $154 billion figure is a lower-bound estimate.
“A year from now, these totals will be higher as we continue to identify more illicit addresses and incorporate their historical activity into our estimates. For perspective, when we published last year’s Crypto Crime Report, we reported $40.9 billion for 2024. One year later, our updated estimate for 2024 is substantially higher at $57.2 billion, with much of that growth coming from various types of illicit actor organizations providing onchain infrastructure and laundering services for high-risk and illicit actors,” the Chainalysis team wrote.
Despite the record nominal value, the illicit share of all cryptocurrency transaction volume remains below 1%. Chainalysis noted its methodology generally excludes revenues from non-crypto-native crimes, such as traditional drug trafficking, where crypto is used only as a payment method, because such transactions are indistinguishable from legitimate activity using onchain data alone.
State actors and stablecoins define new threat landscape
Chainalysis attributed a significant share of 2025’s illicit volume to a narrow set of state-linked actors, led by North Korea, Russia, Iran-aligned networks, and Chinese money laundering groups.
North Korean-linked hackers stole $2 billion in 2025, per the report, which Chainalysis described as their most destructive year to date in both value and sophistication. The majority of that sum originated from the Bybit exploit in February — a nearly $1.5 billion incident identified as the largest digital heist in crypto history.
Russia accounted for another major portion of state-linked onchain activity through the ruble-backed A7A5 stablecoin, according to the firm. Chainalysis said the token facilitated more than $93.3 billion in transactions within its first year after launching in February 2025, despite escalating enforcement actions.
The U.S. Office of Foreign Assets Control sanctioned the network behind A7A5 on Aug. 14, 2025, stating it was created for Russian customers to facilitate cross-border settlements for sanctions evasion. The European Union sanctioned the stablecoin on Oct. 23, 2025, calling it a “prominent tool for financing activities supporting the war of aggression.”
Beyond Russia and North Korea, Chainalysis highlighted Chinese money laundering networks as a dominant force, offering laundering-as-a-service and infrastructure supporting fraud, hack proceeds, and sanctions evasion.
Per the report, Iranian proxy networks also facilitated over $2 billion in onchain activity for money laundering, illicit oil sales, and arms procurement, with groups including Hezbollah, Hamas, and the Houthis using crypto at unprecedented scales.
Stablecoins accounted for 84% of all illicit transaction volume in 2025, the report found. Chainalysis noted this mirrors broader ecosystem trends, with criminals preferring stablecoins for their easy cross-border transferability and lower volatility.
According to Chainalysis, illicit crypto activities increasingly rely on full-stack illegal infrastructure providers offering hosting, domain registration, exchange access, and laundering services designed to withstand takedowns and enforcement actions. The blockchain intelligence firm noted that the same providers are used by ransomware operators, scam networks, and state-aligned actors.
The firm also pointed to a growing overlap between onchain crime and physical violence, including cases of human trafficking and coercive attacks aimed at forcing victims to transfer crypto assets, often timed around periods of heightened market activity.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Trade Crypto On Coinhub Exchange
Trade Crypto On Coinhub Exchange
Stay ahead of the market by turning news insights into trading opportunities. With Coinhub Exchange, you can seamlessly buy, sell, and manage your digital assets, all in one secure platform. Take advantage of real-time market insights, deep liquidity, and fast execution for your favorite cryptocurrencies. Don’t just read about it — trade crypto now!
Disclaimer
The content of this article shown by Coinhub News, powered by The Block, is for informational purposes only and should not be construed as financial, legal, tax, or investment advice. Coinhub News and its affiliates are not a licensed financial advisor, legal advisor, broker, or tax advisor, and ... should not be considered as professional advice or a recommendation to engage in any specific investment, legal decision, or financial transaction. Cryptocurrency markets are highly speculative and volatile. Readers should perform their own independent research and consult with a qualified professional before making any financial or legal decisions. The opinions expressed in this article are those of the author and do not necessarily represent the views or opinions of the Company of its affiliates. Additionally, the Company does not make any representations or warranties regarding the accuracy, timeliness, reliability, or completeness of any information in this article. By accessing this content, you acknowledge that any reliance on the information contained in this article is solely at your own risk. The Company is not responsible for any financial losses, legal disputes, or other damages that may arise from reliance on this content or from any investment or legal decisions based on the information provided. Investing in cryptocurrencies involves substantial risks, including the risk of losing your entire investment, and you should carefully consider whether it is appropriate for your circumstances.
Read more
