A new report from Reuters estimates that at least $2.35 billion in illicit funds have been laundered through between 2017 and 2021.
The news agency analyzed court records, spoke with law enforcement, and worked with blockchain analysis firms Chainalysis and Crystal Blockchain to track illicit funds on the exchange.
As of Monday morning, Binance was the largest crypto exchange, accounting for $10.5 billion in spot and $41.4 billion in derivatives volume over the last day, according to CoinMarketCap.
The report quotes Binance Chief Communications Officer Patrick Hillman, who told Reuters that he did not believe its analysis was accurate.
He did tell the news agency that the company was in the process of assembling "the most sophisticated cyber forensics team on the planet" that would "further improve our ability to detect illegal crypto activity on our platform."
A Binance spokesperson shared a response to the article with Decrypt, saying that the company has received "an outpouring of support from partners in law enforcement across the globe" since the article was published on Monday morning.
"We're aware of Angus Berwick's latest woefully misinformed op-ed," the spokesperson said in an email. "It should be noted that the article uses outdated information from 2019 and unverified personal attestations as a crutch to establish a false narrative."
The report connects several notable events and platforms, including the hack of a Slovakian crypto exchange Eterbase, darknet marketplace Hydra, and the North Korean hacking group Lazarus, each of which involved Binance to facilitate various crypto transactions.
In September 2020, attackers from the Lazarus group created anonymous Binance accounts and used them to launder a portion of $5.4 million stolen from Slovakian cryptocurrency exchange Eterbase, according to the Reuters analysis.
"Binance had no idea who was moving money through their exchange," said Eterbase co-founder Robert Auxt.
After the hack, Eterbase sought to work with Binance to recover the stolen funds. On September 9, 2020, Reuters reported that Binance CEO Changpeng Zhao tweeted that the exchange would "do what we can to assist" Eterbase.
Emails shared with Reuters reportedly show that Binance declined to share information or account data without a request from law enforcement.
Eterbase eventually shut down its exchange and eventually filed for bankruptcy.
The company filed a criminal complaint with Slovakia's National Crime Agency (NCA) in June 2021. After the NCA sent two requests to Binance, according to the report, the exchange sent records for 24 accounts that were linked to usernames like "benjaminfranklin" and "garathbale."
The Reuters report also estimates that Russian-language darknet site Hydra used Binance to process payments for drugs totaling $780 million.
Hillman told Reuters that the total was "inaccurate and overblown."
Earlier this year, the U.S. Justice Department announced that it had cooperated with German law enforcement to seize Hydra's servers. At the time, the DOJ estimated that Hydra was responsible for 80% of all darknet crypto transactions and that it had received $5.2 billion since 2015.
Posts reviewed by Reuters from Hydra show that in March 2018, Binance was the preferred way to process payments because of the minimal identifying information required to create an account.
"This is the fastest and cheapest way I've tried," one user wrote, according to Reuters.
The report frequently mentions Lazarus, a group of hackers that U.S. law enforcement has said uses its ill-gotten gains to fund North Korea's nuclear weapons program. As a result, the U.S. sanctioned Lazarus in 2019.
Chainalysis, which worked with Reuters on the report, estimates that the group had stolen crypto worth $1.75 billion by 2020.
According to Reuters, Lazarus used Binance to launder money from the $5.4 million Eterbase attack in 2020 too, and the $622 million attack on the Ronin sidechain that connects Axie Infinity to the network.
Hilman told Reuters that Binance has identified and frozen more than $5 million connected to the Ronin sidechain hack. He also said that the exchange continues to work with law enforcement agencies in the investigation.