Author: SlowMist AML Team
Full content can be found here
I. Overview
In 2024, the blockchain industry moves forward amidst the clash of security and innovation. Against this backdrop, this report reviews key regulatory compliance policies and anti-money laundering dynamics in the blockchain industry for 2024, summarizes blockchain security incidents, and outlines typical fraud methods. Additionally, we invited the Web3 anti-fraud platform ScamSniffer to write about phishing Wallet Drainers, and we analyzed and compiled the money laundering methods and profits of North Korean hackers. We hope this report provides valuable information to readers, helping practitioners and users gain a more comprehensive understanding of the current state of blockchain security and solutions, contributing to the safe development of the blockchain ecosystem.
II. Blockchain Security Situation
According to the SlowMist Hacked incident database, there were a total of 410 security incidents in 2024, with losses totaling $2.013 billion. Compared to 2023 (a total of 464 incidents with losses of approximately $2.486 billion), losses decreased by 19.02% year-on-year.
Note: The data in this report is based on the token prices at the time of the incidents. Due to price fluctuations and the exclusion of losses from some undisclosed incidents, the actual losses are expected to be higher than the statistics.
(https://hacked.slowmist.io/statistics/?c=all&d=2024)
Overview of Blockchain Security Incidents
From the perspective of project sectors, DeFi remains the most frequently attacked area. In 2024, there were 339 DeFi security incidents, accounting for 82.68% of the total security incidents, with losses reaching $1.029 billion. Compared to 2023 (a total of 282 incidents with losses of approximately $773 million), the losses increased by 33.12% year-on-year.
(Distribution and losses of security incidents across sectors in 2024)
(Comparison of DeFi security incident distribution and losses between 2023 and 2024)
From an ecosystem perspective, Ethereum had the highest losses, amounting to $465 million, followed by BSC with $87.35 million.
(Distribution and losses of security incidents across ecosystems in 2024)
In terms of incident causes, contract vulnerabilities led to the most security incidents, totaling 99, resulting in losses of approximately $214 million. The second most common cause was account hacks.
(Methods of security incidents in 2024)
Typical Attack Incidents
This section selects the top 10 security attack incidents by loss in 2024. For details, please refer to the PDF content at the end.
(Top 10 security attack incidents by loss in 2024)
Rug Pull
A Rug Pull is a scam where malicious project teams create hype to attract user investments, and when the time is right, they "pull the rug" and abscond with the funds. According to the SlowMist Hacked incident database, there were 58 Rug Pull incidents in 2024, leading to losses of approximately $106 million. Among these, the zkSync ecosystem suffered the highest losses, amounting to $36.95 million, while the BSC ecosystem had the most Rug Pull incidents, totaling 28.
(Top 10 Rug Pull incidents by loss in 2024)
(Distribution and losses of Rug Pull incidents across ecosystems in 2024)
With the rise of meme coins, many users, driven by speculation and FOMO, overlook potential risks. Some token issuers can hype their projects and attract users to buy tokens without even outlining a vision or providing a white paper, relying solely on a concept or slogan. The low cost of malicious actions has led to a surge in Rug Pull incidents. After users' funds are Rug Pulled by malicious project teams, they often face a long and difficult process to recover their money. In response, the SlowMist security team advises users to thoroughly understand the project's background and team information before participating, and to carefully choose investment projects to avoid potential risks.
Phishing
Note: This subsection focuses on analyzing Wallet Drainer attacks on EVM-compatible chains, written with great care by ScamSniffer, for which we express our gratitude.
A Wallet Drainer is an attack deployed on phishing websites that tricks users into signing malicious transactions to steal crypto assets. In 2024, such attacks caused losses of approximately $494 million, a year-on-year increase of 67%. Although the number of victims only increased by 3.7% (reaching 332,000 addresses), the losses per attack significantly increased, with the largest single theft amounting to $55.48 million.
(Key data indicators of Wallet Drainer attacks in 2024)
- Key Milestones
  - Pink exits (end of May): market share 28%, absorbed by Inferno.
  - Angel takes over Inferno (end of October): Angel's share declines, Inferno maintains 40-45% market share.
- Market Landscape Evolution
  - Q1-Q2: Three dominant players (Angel: 42%, Pink: 28%, Inferno: 22%)
  - Q3: Duopoly competition (Inferno: 43%, Angel: 25%)
  - Q4: New landscape (Inferno and Angel: 45%, Acedrainer: 20%, other new Drainers: 25%)
As of 2024, known losses based on phishing signatures reached $790 million. Such attacks decreased in the second half of the year, but this may indicate that attackers are shifting to other, more covert methods, such as malware. As the Web3 ecosystem develops, protecting user assets remains a challenge. Regardless of how attack methods change, ongoing security awareness and continued investment in protective capabilities are key to safeguarding assets.
Fraud
This section selects some fraud methods disclosed by us in 2024:
Theft X Scams
III. Anti-Money Laundering Situation
This section is divided into four parts: anti-money laundering and regulatory dynamics, anti-money laundering data, North Korean hackers, and mixing tools.
Anti-Money Laundering and Regulatory Dynamics
In 2024, significant developments occurred in the regulatory environment for cryptocurrencies, most notably the EU's implementation of the MiCA regulations and the US's advancement of stablecoin legislation. In terms of law enforcement, stricter measures were introduced worldwide to combat illegal activities, with notable progress in stablecoin regulation, cross-border crypto policies, and enforcement actions against major participants in the crypto space. Specific policies and enforcement actions can be found in the PDF at the end.
Anti-Money Laundering Data
1. Fund Freezing Data
- With the strong support of InMist intelligence network partners, SlowMist helped freeze funds totaling over $112 million in 2024 on behalf of clients, partners, and publicly disclosed hacking incidents.
- In 2024, Tether froze approximately $540 million in USDT; Circle froze about $13.36 million in USDC.
(https://dune.com/misttrack/2024)
2. Fund Return Data
In 2024, there were 410 security incidents, and in 24 of them all or part of the lost funds were recovered after the attack. According to disclosed data, approximately $166 million was returned, accounting for 8.25% of the total security losses (approximately $2.013 billion).
North Korean Hackers
In 2024, North Korean hacker groups were implicated in multiple cyber theft cases, resulting in hundreds of millions of dollars in stolen cryptocurrency. Below is a list of significant incidents committed by North Korean hacker groups (data source: SlowMist Hacked):
This section focuses on analyzing the attack methods of North Korean hackers, using the BingX incident tracked by SlowMist as an example to introduce their money laundering methods.
Mixing Tools
1. Tornado Cash
(https://dune.com/misttrack/2024)
2. eXch
(https://dune.com/misttrack/2024)
3. Railgun
Railgun has implemented Private Proof of Innocence (PPOI), utilizing zero-knowledge proofs to ensure that users can verify their funds are not associated with illegal activities without compromising privacy. This innovation strikes a critical balance between privacy and compliance, making it more difficult for malicious actors to use the platform for money laundering.
IV. Conclusion
In 2024, the blockchain industry faces new opportunities and challenges amid ongoing innovation and transformation; various security incidents and anti-money laundering dynamics provide profound warnings and prompt us to pay more attention to industry norms and technological safeguards. Through the analysis of blockchain security incidents and money laundering cases in 2024, we hope to raise awareness of industry security among all parties.
In the future, as the regulatory framework gradually improves and technological means continue to upgrade, we have reason to believe that the blockchain industry will move towards a safer, more transparent, and compliant direction. We hope this report provides valuable information to readers, helping them gain a more comprehensive understanding of the current state of security and anti-money laundering in the blockchain industry, and we look forward to working together to contribute to building a safer, more stable, and trustworthy blockchain ecosystem.