Blockworks: The Purpose and Perils of Crypto Privacy Tools
On April 11, 2022, Travis Hoyt was featured in the Blockworks article, The Purpose and Perils of Crypto Privacy Tools. Preview the article below, or read the full article online.
+ + +
Crypto services designed to improve transaction privacy continue to be used in illegal activities, but using so-called mixers for nefarious purposes is becoming increasingly risky.
A cryptocurrency mixing service is used to privately transfer cryptoassets between wallets by comingling funds in a pool of assets belonging to many participants.
The hacker who last month exploited the Ronin Network for roughly $625 million recently transferred thousands of ether to Tornado Cash, a privacy tool for Ethereum. More than 165,000 ETH remains in the attacker’s wallet.
Tornado Cash, a decentralized protocol for private transactions on Ethereum, breaks the on-chain link between source and destination addresses, according to its website. The protocol uses a smart contract accepting ETH deposits that can be withdrawn by a different address. The longer the funds remain in the pool before being withdrawn, the greater the privacy protections.
“While Tornado Cash can be used for illegal activities, like money laundering or tax fraud, many believe that it is a crucial tool for maintaining financial anonymity,” NetSPI Chief Technology Officer Travis Hoyt told Blockworks.
“Due to the nature of mixers like Tornado Cash obscuring transactions, consumers that lack a full understanding of crypto’s security infrastructure may be susceptible to risks such as inadvertent money laundering.”
The Latest Seizures
The ethos behind mixers is to harbor more financial freedom and privacy, bringing cash-like anonymity to otherwise public transaction ledgers, by deliberately making transactions hard to regulate, Hoyt said. Such technology can be used lawfully or unlawfully; the only way to avoid risk completely is to not engage at all.
“While there are a plethora of general resources about crypto available, the industry must prioritize education on the inherent security risks and how to best mitigate these risks,” Hoyt said. “Aside from consumers actively choosing to not utilize mixers, this is the best way to ensure ethical crypto traders remain protected.”
Explore More News
NetSPI Expands Suite of AI-Powered Continuous Pentesting Services as Organizational Attack Surfaces Grow
NetSPI expands suite of Human-Led, AI-Powered Continuous Pentesting Services, including a first-of-its-kind AI Findings Validation service, as well as continuous testing for web applications and internal networks.
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.