Imagine a romance text that drains your life savings, ricochets through a shadowy DeFi swap, and resurfaces minutes later in a forced-labor compound half a world away. That chilling route is mapped—transaction by transaction—in “How Do Crypto Flows Finance Slavery? The Economics of Pig Butchering,” a 53-page working paper first posted 28 March 2024 and last revised 2 March 2025 on SSRN (ID 4742235). By following more than $94 billion across Ethereum, Bitcoin, and Tron, authors John M. Griffin and Kevin Mei reveal how ostensibly reputable exchanges, stablecoins such as Tether, and even niche Decentralized Exchanges (DEXs) combine to launder an average $27.8 billion a year for romance-investment fraudsters.
This article pulls out the paper’s most eye-opening numbers—like the 98,000 micro-payments scammers send to build victim “trust”—and unpacks what they mean for anti-money-laundering teams, regulators, DeFi liquidity providers, and anyone holding crypto today. Strap in: the findings redraw the line between legitimate finance and modern-day slavery, and they show just how thin that line has become.
By tracing funds five hops out from 4,512 Ethereum, 4,394 Bitcoin and 993 Tron addresses reported by victims and NGOs, the authors show that US $5.6 billion per year (2021-23) leaves Coinbase, Crypto.com, Kraken and other Western venues in sub-US$500 k increments—amounts typical of individual investors rather than institutional traders. These exits map directly onto romance-investment fraud narratives in which scammers coach targets to move fiat into beginner-friendly exchanges, then out to spoofed trading sites.
Once bundled, funds stream to Binance, Huobi (now known as HTX) and OKX. Average annual outflow: US $27.8 billion into suspicious deposit accounts between 2021-23. The clustering of high-value deposits at these venues highlights jurisdictional arbitrage: scammers exploit weaker enforcement environments while still enjoying deep liquidity.
Across US $1.7 trillion in observed network volume, 78 % is in USDT. Western-facing tokens such as USDC typically appear only at the entry hop before being swapped for Tether, underscoring USDT’s perceived resilience to seizure and its near-universal acceptance on offshore exchanges.
Although Uniswap tops the DEX league tables, the paper finds that 57-60 % of all Tokenlon swaps during 2022-23 involve addresses in the scam network. Victim funds often arrive as ETH or USDC, route through Tokenlon, and re-emerge as USDT or DAI, blurring their provenance before hitting centralized deposit accounts.
Scammers send ≈98,000 micro-deposits (< US$10 k) each year to the same mainstream exchanges favored by their victims, typically in round numbers like US$100 or US$500. These “trust-building” credits show up long before victims empty retirement accounts, providing exchanges a window to intervene.
Aggregating gas fees and swap slippage, the authors estimate that moving US $4 billion through five hops cost just US $13.1 million—around 33 basis points. Crypto therefore undercuts traditional cash-smuggling costs (4–12 %) and encourages scale.
Deposit-address clustering expands the lens to ≈180,000 deposit addresses and US $94.6 billion in inflows (2020-24), with US $62.5 billion sourced directly from exchanges. Even under a restrictive methodology the lower-bound activity still reaches US $16.9 billion annually—multiples above popular crime reports that rely solely on tagged illicit wallets.
Methodology in Brief: The study seeds its trace with victim-supplied addresses, follows outbound flows up to five hops, halts at large unidentified nodes to avoid false positives, and then clusters deposit addresses that share common senders—a conservative design that almost certainly undercounts total scam proceeds.
Important caveat: because the trace stops at five hops and at large nodes, and because only known victim addresses are seeded, the headline numbers should be read as minimums rather than upper bounds.
Victim on Coinbase → ETH withdrawal → Scam address → Tokenlon swap (ETH → USDT) → Aggregation wallet → Binance deposit address. In practice the path loops, hops, and repeats, but the pattern—Western on-ramp, DeFi obfuscation, Asian off-ramp—remains strikingly consistent.
.jpg)
Internal guidance on implementing such controls can be found in our earlier posts on detecting AI-driven pig-butchering scams and how law-enforcement uses blockchain analytics to fight back, which lay out specific KYT rule sets and collaboration frameworks.
The Griffin-Mei study confirms what on-the-ground investigators have long suspected: pig-butchering is the largest organized consumer-fraud scheme ever to hit crypto, and it relies on the same liquidity rails legitimate users depend on. With laundering costs at a mere 0.33 %, criminals can move billions with impunity—unless exchanges, DeFi protocols and policymakers treat outbound flows, stablecoin corridors and micro-deposit patterns as headline AML threats.
The good news is that the blockchain’s transparency flips opacity on its head. Address clustering, hop analysis and inducement-payment heuristics already exist; the missing piece is ecosystem-wide adoption. A concerted push—combining KYT upgrades, targeted designations and victim-alert UX—could raise the cost of laundering above the 4-12 % cash-smuggling benchmark, throttling the economic engine that fuels both financial fraud and the tragic forced-labor compounds behind it.
In short, crypto doesn’t have a pig-butchering problem; it has a compliance gap. Close that gap, and the lifeblood of modern-day slavery begins to dry up.
