SlowMist Blockchain Security and AntiMoney Laundering Report for the First Half of 2024

Introduction
SlowMist Technology has released the “2024 Semi-Annual Report on Blockchain Security and Anti-Money Laundering” (hereinafter referred to as the “Report”). The report summarizes the key regulatory compliance policies and trends in the blockchain industry in the first half of 2024, including, but not limited to, various regulatory positions on cryptocurrencies and a series of core policy adjustments. We have reviewed and outlined the blockchain security events and anti-money laundering trends in the first half of 2024, providing insights into common money laundering tools and phishing theft techniques, as well as effective prevention methods and response strategies for such issues. Additionally, we have disclosed and analyzed major phishing criminal organizations such as Wallet Drainers and hacker groups like the Lazarus Group in the hope of providing a reference for preventing such threats.


I. Background
According to CoinMarketCap data, as of June 30, 2024, the total market value of the global cryptocurrency market has reached approximately $23.4 trillion, demonstrating the increasingly strong momentum of the global blockchain market. However, the growing momentum of the blockchain market also brings increasingly severe challenges to blockchain security. As blockchain applications expand and deepen, attackers have become more sophisticated and intelligent, continuously exploiting vulnerabilities in blockchain systems, resulting in significant losses.
In this context, the report focuses on two main aspects: blockchain ecosystem security and anti-money laundering (AML) security, providing a comprehensive understanding of current and future blockchain security risks.
II. Blockchain Security Situation
2.1 Overview of Blockchain Security Events
According to SlowMist’s Hacked Blockchain Incident Database, there were a total of 223 security events in the first half of 2024, resulting in losses of up to $1.43 billion. Compared to the first half of 2023 (185 incidents, with losses of approximately $920 million), the losses increased by 55.43% year-on-year. (Note: Personal losses were not included in the statistics in this report).


(https://hacked.slowmist.io/)
From an ecological perspective, Ethereum suffered the highest losses, reaching $400 million. This was followed by Arbitrum, with approximately $72.46 million, and Blast, with around $70 million. Additionally, BSC experienced the most security incidents, with 57 incidents and losses of about $32.12 million.


In terms of project types, DeFi was the most frequently targeted area. In the first half of 2024, there were a total of 158 security incidents related to DeFi, accounting for 70.85% of the total incidents, with losses amounting to $659 million. This represents a 37.29% increase in losses compared to the first half of 2023 (111 incidents, with losses of about $480 million). Additionally, security incidents on trading platforms resulted in losses of $524 million, with the DMM Bitcoin incident accounting for $305 million, making it the largest security incident in the first half of 2024.


In terms of loss, two incidents resulted in losses exceeding $100 million. The following are the top 10 security incidents in the first half of 2024:


In terms of the causes of security incidents, contract vulnerabilities accounted for the most incidents, with 56 incidents and losses of approximately $104 million. This was followed by incidents caused by exit scams, with 50 incidents.


2.2 Phishing/Theft Techniques
This section includes some of the phishing and theft techniques disclosed by SlowMist in the first half of 2024, such as:
– Identical prefix and suffix phishing
– Malicious extension programs
– Malicious Trojan programs
– Malicious bookmark phishing
– Signature authorization phishing
III. Anti-Money Laundering Situation
3.1 Anti-Money Laundering and Regulatory Developments
This section will focus on the significant developments in the field of anti-money laundering (AML) and regulatory dynamics in the cryptocurrency sector, including:
– Chinese courts
– Hong Kong, China
– Singapore
– U.S. regulation
– European Parliament
– Middle East region
3.2 Security Event Anti-Money Laundering
Data on fund freezes:
– Tether: In the first half of 2024, a total of 374 ETH addresses were frozen, and the USDT-ERC20 assets on these addresses were frozen and unable to be transferred.
– Circle: In the first half of 2024, a total of 28 ETH addresses were frozen, and the USDC-ERC20 funds on these addresses were frozen and unable to be transferred.
With the strong support of SlowMist’s InMist intelligence network partners, SlowMist assisted clients, partners, and publicly affected parties in freezing approximately $24.39 million in funds in the first half of 2024.
Data on fund returns:
In the first half of 2024, there were a total of 16 incidents where all or part of the stolen funds were recovered. In these 16 incidents, the total stolen funds amounted to approximately $113 million, of which nearly $98.64 million was returned, accounting for 87.3% of the stolen funds.
3.3 Profile and Dynamics of Hacker Groups
In this section, a detailed analysis is provided on the modus operandi of hacker groups such as the Lazarus Group and the phishing service Drainers.
Lazarus Group


Drainers


3.4 Money Laundering Tools
This section provides a statistical analysis of the funds flow and direction of money laundering tools such as Tornado Cash and eXch.


(Tornado Cash: https://dune.com/misttrack/first-half-of-2024-stats)


(eXch: https://dune.com/misttrack/first-half-of-2024-stats)
IV. Conclusion
In conclusion, we hope that this report will provide readers with an analysis and interpretation of the current state of blockchain industry security, helping them to gain a comprehensive understanding of blockchain industry security and anti-money laundering status, and contribute to the development of blockchain ecosystem security.
Finally, we would like to express our gratitude to all our ecosystem partners, including our service clients, media partners, contributors, and SlowMist ecosystem partners. It is with your strong support that we are more determined to continue to be good guardians of the blockchain and contribute to the continued development of the blockchain ecosystem. We hope to continue working together to bring more light to the dark forest of the blockchain.
Disclaimer
The content of this report is based on our understanding of the blockchain industry, SlowMist’s Hacked Blockchain Incident Database, and the MistTrack anti-money laundering tracking system. However, due to the “anonymous” nature of blockchain, we cannot guarantee the absolute accuracy of all data, nor can we be held responsible for any errors, omissions, or losses resulting from the use of this report. Additionally, this report does not constitute investment advice or any other analysis.
If there are any omissions or shortcomings in this report, we welcome criticism and corrections.
For the complete version of the report, please feel free to read and share:
https://www.slowmist.com/report/first-half-of-the-2024-report(CN).pdf