Hoplon InfoSec
12 May, 2025
Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shut down the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform.
The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets worth €34 million ($38.25 million) in Bitcoin, Ether, Litecoin, and Dash.
According to the BKA, eXch cryptocurrency service existed since 2014 and offered cryptocurrency swapping services, allowing its users to exchange digital assets. It was available both on the clearnet and the dark web, providing an anonymous channel for users to move assets without scrutiny.
Authorities revealed that eXch “specifically advertised on platforms of the criminal underground economy (UE) that it did not implement any anti-money laundering measures,” the BKA said in a statement.
“Users were neither required to identify themselves to the service, nor was user data stored there. Crypto swapping via eXch was therefore particularly suitable for concealing financial flows.”
Cryptocurrency assets worth an estimated $1.9 billion are believed to have been transferred using the service since its launch. This includes a portion of the illicit proceeds gained by North Korean threat actors following the Bybit hack earlier this year, further amplifying concerns over eXch’s role in global cybercrime.
The development came just weeks after eXch announced its own plans on April 17 to cease operations effective this month. Authorities acted swiftly, securing “numerous pieces of evidence and leads” during the operation.
In a surprising twist, eXch cryptocurrency platform took to the BitcoinTalk forum to announce its closure, stating that it had “received confirmation of information” that the platform was the “subject of an active transatlantic operation aimed at forcibly shutting our project down and prosecuting us for ‘money laundering and terrorism.’”
eXch, however, denied any malicious intent: “The goals we certainly never had in mind were to enable illicit activities such as money laundering or terrorism, as we are being accused of now,” it claimed. “We also have absolutely no motivation to operate a project where we are considered criminals. This doesn’t make any sense to us.”
The takedown of eXch isn’t just about money laundering. In a report published on May 2, blockchain intelligence firm TRM Labs disclosed alarming on-chain activity. They identified connections to child sexual abuse material (CSAM) threat actors, revealing that the service had been directly exposed to more than $300,000 in CSAM-related funds.
“Although eXch cryptocurrency exchange publicly positioned itself as a privacy-focused exchange, it developed a reputation for obstructing ecosystem accountability,” the company said. “This was demonstrated by it refusing to assist Bybit in freezing funds potentially connected to its hack.”
Following the takedown, the Dutch Fiscal Information and Investigation Service (FIOD) stated that it is “actively investigating individuals involved in money laundering and other illegal activities through this swap service.”
In its announcement, FIOD was keen to clarify the intent behind the crackdown: “We want to make one thing clear: this action is not an attack on privacy. We respect the right to privacy and recognize its importance in the digital age. However, when services are heavily abused to commit crime, we will act,” it added.
“We urge everyone involved in illicit activity to cease immediately. The legal consequences can be serious. Privacy is not the problem – criminal misuse is.”
The shutdown of eXch marks a significant step in combating cryptocurrency-enabled crimes. It also serves as a stark reminder to operators of digital asset platforms that privacy cannot be used as a shield for illegal activities. With the confiscation of €34 million in cryptocurrency and 8TB of data, authorities now have a goldmine of evidence that could potentially unmask layers of global money laundering networks.
The ripple effects are already being felt across the industry, with many underground forums going silent in fear of ongoing investigations. Law enforcement agencies are likely to leverage the seized data to track and prosecute individuals connected to the platform, further disrupting the global cybercrime economy.
As for the users of eXch, the BKA and FIOD have not yet disclosed whether individual users will face prosecution. However, experts suggest that wallet addresses and transaction logs stored in the 8TB of seized data may lead to a series of targeted investigations.
The shutdown of eXch cryptocurrency is not just an isolated incident. It signals an evolving stance by European law enforcement against unregulated crypto platforms that enable money laundering and dark web transactions. As regulations tighten, platforms that skirt compliance are likely to face similar fates. This move is likely to push other underground exchanges to reconsider their business models or risk facing legal repercussions.
The confiscation of digital assets and massive data sets also raises questions about data privacy and the power of authorities in the crypto space. While privacy advocates may criticize the extent of the seizures, law enforcement sees it as a necessary measure to curb financial crimes that have flourished in the shadows of digital anonymity.
Moving forward, the case of eXch could become a landmark example for international cooperation in cybercrime prevention. Countries may adopt more aggressive policies, making it harder for illicit platforms to operate under the radar.
The message is clear: the age of lawless cryptocurrency swapping is nearing its end. If platforms don’t comply, they risk facing the same fate as eXch – total shutdown and exposure to the authorities.
With global regulators increasing scrutiny, the shutdown of eXch serves as a powerful precedent, signaling that the age of unregulated digital currency swaps is coming to a close. For those still operating in the shadows, it’s a stark warning: adapt or be dismantled.
Did you find this article helpful? Follow us on Twitter and LinkedIn for more Cyber Security news and updates. Stay connected on Facebook and Instagram as well. At Hoplon Infosec, we’re committed to securing your digital world.
Share this :