German Authorities Shut Down eXch: Inside the Crypto Exchange That Allegedly Laundered Billions

In a significant blow to cryptocurrency-based money laundering operations, Frankfurt authorities announced Thursday they had suspended operations of crypto exchange platform eXch and seized digital assets valued at approximately €34 million ($38.2 million). The platform, which had operated since 2014, allegedly facilitated the laundering of funds from some of the largest cryptocurrency heists in history, including the recent $1.5 billion Bybit hack.

The Shutdown: Third Largest Crypto Seizure in German History

According to an official statement released by the Frankfurt Prosecutor's Office on May 9, the seized assets included a mixture of cryptocurrencies: Bitcoin, Ethereum, Litecoin, and Dash. The operation, which involved both the German Federal Criminal Police Office (BKA) and Dutch officials, marks the third-largest confiscation of crypto assets in the BKA's history.

"We will continue to increase the risk of loss for the underground economy with all the means at our disposal. Our goal remains to hold those responsible accountable," said Carsten Meywirth, Director of the Federal Criminal Police Office and Head of the Cybercrime Division.

In addition to seizing cryptocurrency, authorities also confiscated eXch's German server infrastructure, which contained over eight terabytes of data, effectively shutting down the platform.

How eXch Operated: A "Swapping" Service Without Safeguards

Founded in 2014, eXch positioned itself as a cryptocurrency swapping service that allowed users to exchange various digital assets quickly and anonymously. The platform operated on both the regular internet and the dark web, using the domain "eXch.cx" and several other addresses.

What distinguished eXch from legitimate cryptocurrency exchanges was its deliberate lack of anti-money laundering (AML) protocols. The platform:

• Required no user identification
• Implemented no Know-Your-Customer (KYC) verification
• Claimed to store no user information
• Specifically marketed itself on underground economy websites

These features made eXch particularly attractive to those looking to obscure the source of criminally obtained cryptocurrencies. Since its launch, the platform is estimated to have facilitated approximately $1.9 billion in crypto transfers, with authorities suspecting a significant portion originated from illegal activities.

Connection to Major Crypto Heists

According to crypto investigator ZachXBT, eXch was allegedly used to launder funds from several high-profile cryptocurrency thefts:

• The $1.5 billion Bybit hack (February 21, 2025)
• The $1.4 billion Multisig hack
• The FixedFloat exploit
• The theft of approximately $243 million from Genesis Creditor
• Various phishing scams over the past few years

The Bybit hack, in particular, stands as one of the largest exploits in the Web3 space, with hackers extracting approximately $1.46 billion from the exchange's ETH cold wallet. According to Bybit CEO Ben Zhou, nearly 30% of the stolen funds can no longer be tracked, while as much as 84.5% is believed to have been converted to Bitcoin via cross-chain liquidity protocol THORchain.

ZachXBT was among the first security analysts to report eXch's connection to the Bybit hack, noting on February 22 that "Lazarus Group transferred 5K ETH from the Bybit Hack to a new address and began laundering funds via eXch (a centralized mixer) and bridging funds to Bitcoin via Chainflip."

The Planned Shutdown and Final Days

Interestingly, eXch had announced plans to terminate its services by May 1, 2025, just days before the authorities' seizure. In a mid-April post on Bitcoin Talk, the platform denied involvement in laundering funds from the Bybit hack but acknowledged operating in what they called a "hostile environment."

"Even though we have been able to operate despite some failed attempts to shut down our infrastructure [...], we don't see any point in operating in a hostile environment where we are the target of SIGINT [Signals Intelligence] simply because some people misinterpret our goals," the announcement stated.

In their farewell message, eXch claimed they were "privacy enthusiasts" whose project was "an attempt to restore balance in this industry." The platform operators maintained they never intended to "enable illicit activities such as money laundering or terrorism," despite being accused of these actions.

They also announced a 50 BTC open-source fund to support free and open-source software (FOSS) projects aimed at enhancing privacy solutions, including Bitcoin wallets and protocols designed to preserve user privacy.

OFFICIAL ANNOUNCEMENT

It's time, friends.

eXch will officially shut down its operations effective May 1st, 2025.

Almost all of you know that eXch started as a project aimed at demonstrating to the community that alternatives can exist during times when there were none. We have never had any financial goals with this project and rather, we conducted an experiment that was unexpectedly successful.

Recently, we received confirmation of information we had previously, thanks to some friends we have even in the state intelligence sector, that our project is the subject of an active transatlantic operation aimed at forcibly shutting our project down and prosecuting us for "money laundering and terrorism."

Even though we have been able to operate despite some failed attempts to shut down our infrastructure (attempts that have also been confirmed to be part of this operation), we don't see any point in operating in a hostile environment where we are the target of SIGINT simply because some people misinterpret our goals. Starting from the date of the merger with a new management team this month, and as a result of some urgent meetings, the majority of us voted to cease and retreat instead of going against strong winds, because none of us wants to cause any harm to innocent people or this forum.

The goals we certainly never had in mind were to enable illicit activities such as money laundering or terrorism, as we are being accused of now. We also have absolutely no motivation to operate a project where we are viewed as criminals. This doesn't make any sense to us.

Originally, we were just a team of privacy enthusiasts with main areas of interest quite distant from cryptocurrency, where we saw the absolutely unfair happenings. This project was an attempt to restore balance in this industry.

Our project has demonstrated that an instant exchange done properly can be more effective than any centralized mixer in terms of privacy, which is why it has been referred to as "a mixer" many times by third parties, even though we have continuously rejected this label.

Our project has shown that it's possible to operate without abusing customers with nonsensical policies, unlike projects that will accept this announcement as a "weight lifted off their shoulders" that pretend to believe the false idea that confiscating crypto from customers somehow prevents "money laundering", who rely on random and unreliable scoring systems created and operated by companies that are parasites aiming to extract money from their governments by providing consulting based on the segregation of the crypto space and blockchain data. If we were to look at these projects from the perspective of "preventing money laundering and terrorism financing", any instant exchangers that screen their customer deposits using third-party APIs and appeal to nonsensical AML/KYC terms are far from preventing money laundering and terrorism. If they were serious about this, they would need to stop hiding behind shelf offshore companies and start conducting strict due diligence on every customer, which none of them do in reality. The absurdity is compounded by the absolute uselessness of the address score reporting APIs they use, as any of these screening mechanisms can be easily bypassed.

Our project will also demonstrate that even without it, this space will continue to have ways and instruments for those engaging in illicit activities to effectively "launder" their funds. Thus, the goal of stopping eXch under the belief that it may stop all money laundering in the world is ridiculous.

Meanwhile, our project effectively provided privacy to all our customers and even anonymity to most. However, there are still far more effective ways to achieve it, thanks to these flagship projects that exist nowadays:

- Monero, with its total privacy, although not without some recently discovered issues that are serious and should be fixed with the Full-Chain Membership Proofs implementation

- Litecoin, with its optional privacy (MWEB)

- Dash, with its optional privacy

- Tornado Cash

- Bitcoin CoinJoin protocols

Another distinctive project that does not betray its mission is Thorchain. Even under the immense pressure that the whole industry had to deal with due to the irresponsible actions of those at ByBit, Thorchain was the only decentralized protocol that resisted the pressure to implement screening mechanisms at the protocol level, proving itself to be absolutely reliable. Even though all Thorchain trades are transparent on-chain, privacy and even total untraceability can be easily achieved when combined with some of the privacy-enabling projects mentioned above, when used correctly. However, the Thorchain network currently has a very limited choice of good interfaces, aside from Asgardex and MMGen wallets, and none of them are privacy-preserving, but we hope this can change.

Bitcoin privacy remains, however, in the midst of a notable crisis given the collapse of all important projects and protocols that had significant liquid CoinJoin-like pools. The most interesting and convenient of them in terms of usability remains WabiSabi; however, it needs some lightweight client implementations to achieve greater popularity in order to effectively prevent serious risks associated with Sybil attacks. We certainly know that most people in this space prefer lightweight solutions to heavy software solutions, and this factor can significantly affect the popularity and usage of any good project.

Given this, we are announcing a 50 BTC open-source fund to support any FOSS projects aiming to enhance the availability of privacy solutions. We hope we can still make a difference. Here are examples of the projects we will support:

- Bitcoin wallets and protocols aiming to preserve user privacy

- Lightweight clients for WabiSabi

- Thorchain wallets are aiming to preserve user privacy

- Bisq Light Client

- Ethereum wallets and smart contracts aiming to preserve user privacy (an example of such might be a "non-rigged" fork of Railgun smart contracts and wallets allowing users to operate in Tor)

Unfortunately, we will not support projects that are written in Java, NodeJS, Go, or C#, especially developers who don't take module chain supply attacks seriously and believe they're some kind of "conspiracy theory".

There will be other projects that will hopefully take our place as the industry leader in privacy-oriented centralized exchanges, and we wish them success.

Our partners will still have access to our API for a limited time, but what happens after May 1st will depend on our new management team, who will be in possession of all access to our infrastructure. Thus, we recommend launching their own liquidity pools to guarantee seamless operation. We will provide consulting and recommendations to them.

Privacy is not a crime.

The Significance of the Shutdown

Senior public prosecutor Benjamin Krause emphasized the importance of the operation, stating that action was necessary against "quick and anonymous opportunities for money laundering for any amount."

"Crypto swapping is an essential component of the underground economy, used to conceal incriminating funds from illegal activities such as hacking or trading in stolen payment card data, thus making them available to perpetrators," Krause said.

The shutdown of eXch represents a significant development in law enforcement's ongoing battle against cryptocurrency-facilitated money laundering. However, as eXch itself noted in its farewell message, alternative methods for obscuring the origins of digital assets continue to exist, including privacy-focused cryptocurrencies like Monero, Litecoin with its optional privacy features (MWEB), and protocols like Tornado Cash. Also READ: Crypto Exchange eXch Denies Involvement in Bybit Hack Laundering Scheme.

The Broader Context: Regulation vs. Privacy

The eXch case highlights the ongoing tension between regulatory efforts to combat financial crimes and the cryptocurrency community's emphasis on privacy and autonomy.

While legitimate cryptocurrency exchanges increasingly implement robust AML and KYC procedures to comply with regulations, platforms like eXch have sought to provide services that prioritize user anonymity. The crackdown on eXch may signal heightened regulatory scrutiny of similar platforms in the future.

For users of cryptocurrency exchanges, this case underscores the importance of understanding the regulatory compliance status of the platforms they use. As authorities intensify efforts to combat crypto-related financial crimes, exchanges that fail to implement proper AML measures may face similar consequences.

The eXch shutdown also raises questions about the effectiveness of current regulatory approaches in preventing cryptocurrency-related crimes. As the platform itself argued, determined actors may still find ways to obscure the origins of illegally obtained digital assets, even as authorities shut down specific services.

As the cryptocurrency ecosystem continues to evolve, the balance between privacy, security, and regulatory compliance remains a complex and contentious issue—one that the eXch case brings into sharp focus.