
A quick look at the 2024 Blockchain Security and Anti-Money Laundering Annual Report


Reprinted from chaincatcher

01/03/2025·3M

Author: SlowMist AML team


1. Overview

In 2024, the blockchain industry moved forward amid the contest between security and innovation. Against this background, this report reviews the key regulatory compliance policies and anti-money laundering trends in the blockchain industry in 2024, summarizes the year's blockchain security incidents and sorts out typical fraud techniques. We also invited the Web3 anti-fraud platform ScamSniffer to write about phishing Wallet Drainers, and we analyzed and compiled statistics on North Korean hackers' money laundering methods and profits. We hope that this report provides readers with useful information, helps practitioners and users understand the current state of blockchain security and its solutions more comprehensively, and contributes to the safe development of the blockchain ecosystem.

2. Blockchain security situation

According to statistics from the SlowMist Hacked incident archive (SlowMist Hacked), a total of 410 security incidents occurred in 2024, with losses as high as US$2.013 billion. Compared with 2023 (a total of 464 cases, losses of approximately US$2.486 billion), losses decreased by 19.02% year-on-year.

Note: The data in this report are based on token prices at the time of each incident. Because of price fluctuations and losses from undisclosed incidents that are not included in the statistics, the actual losses should be higher than the statistical results.

(https://hacked.slowmist.io/statistics/?c=all&d=2024)

Overview of blockchain security incidents

By project sector, DeFi is still the most frequently attacked area. There were 339 DeFi security incidents in 2024, accounting for 82.68% of all security incidents, with losses as high as US$1.029 billion. Compared with 2023 (a total of 282 incidents, losses of approximately US$773 million), losses increased by 33.12% year-on-year.

(Distribution and losses of security incidents by sector in 2024)

(2023 and 2024 DeFi security incident distribution and loss comparison chart)

By ecosystem, Ethereum suffered the highest loss, reaching $465 million. This was followed by BSC with US$87.35 million.

(Distribution and losses of security incidents by ecosystem in 2024)

By incident cause, contract vulnerabilities caused the most security incidents, reaching 99 cases and resulting in losses of approximately US$214 million. Security incidents caused by account hacking came second.

(2024 Security Incident Methods Chart)

Typical attack events

This section selects the 10 security attack incidents that caused the largest losses in 2024. For details, see the PDF file content at the end of the article.

(Top 10 security attacks in 2024)

Rug Pull

Rug Pull is a scam. In essence, a malicious project team builds momentum to attract users to invest and, when the time is right, "pulls the rug" and runs away with the money. According to statistics from SlowMist Hacked, there were as many as 58 Rug Pull incidents in 2024, resulting in losses of approximately US$106 million. Among them, the zkSync ecosystem suffered the highest loss, reaching 36.95 million U.S. dollars, and the BSC ecosystem had the most Rug Pull incidents, reaching 28.

(Top 10 Rug Pull incidents by loss in 2024)

(Distribution and losses of Rug Pull incidents by ecosystem in 2024)

With the advent of the Meme coin craze, many users, driven by speculation and FOMO, have ignored potential risks. Some token issuers do not even need to describe a vision or provide a white paper. They can create buzz and attract users to buy tokens with just a concept or slogan. The low cost of wrongdoing has led to an endless stream of Rug Pull incidents. After their funds are rug-pulled by malicious project teams, users often face a long and difficult recovery process. The SlowMist security team therefore recommends that users fully understand a project's background and team before participating, and choose investment projects carefully to avoid potential risks.

Phishing

Note: This section focuses on analyzing Wallet Drainer attacks on EVM-compatible chains. It was written by ScamSniffer, for which I would like to express my gratitude.

Wallet Drainer is an attack method deployed on phishing websites to steal crypto assets by inducing users to sign malicious transactions. In 2024, such attacks caused approximately US$494 million in losses, a year-on-year increase of 67%. Although the number of victims only increased by 3.7% (to 332,000 addresses), the losses per attack increased significantly, with the largest single stolen amount reaching $55.48 million.

(Key data indicators of Wallet Drainer attacks in 2024)

1. Key milestones

  • Pink exits (end of May): market share is 28%, and its share is absorbed by Inferno.
  • Angel takes over Inferno (end of October): Angel's share declines, while Inferno maintains 40-45% market share.

2. Evolution of market structure

  • Q1-Q2: Three major leaders (Angel: 42%, Pink: 28%, Inferno: 22%)
  • Q3: Two-way competition (Inferno: 43%, Angel: 25%)
  • Q4: New landscape (Inferno and Angel: 45%, Acedrainer: 20%, other new Drainers: 25%)

As of 2024, known losses based on phishing signatures amounted to $790 million. Such attacks decreased in the second half of the year, but this may indicate that attackers are turning to other, more covert attack methods such as malware. As the Web3 ecosystem develops, the challenge of protecting user assets remains. No matter how attack methods change, continuous security awareness and the building of protection capabilities are always the key to keeping assets safe.

Fraud

This section selects some of the fraud tactics we disclosed in 2024:

  1. Mining scam

  2. Arbitrage fraud

  3. Airdrop scam

  4. Stolen X accounts used for fraud

  5. Pixiu (honeypot) tokens

  6. Malicious Trojans

3. Anti-money laundering situation

This section is divided into four parts: anti-money laundering and regulatory trends, anti-money laundering data, North Korean hackers, and coin mixing tools.

Anti-money laundering and regulatory developments

2024 saw significant developments in the regulatory environment for cryptocurrencies, the most prominent of which were the implementation of the MiCA regulation in the European Union and the advancement of stablecoin legislation in the United States. In terms of law enforcement, more stringent measures were introduced around the world this year to combat illegal activities. Stablecoin regulation, cross-border crypto policies, and law enforcement actions against major players in the crypto field all made significant progress. For specific policies and law enforcement actions, please see the PDF at the end of this article.

Anti-money laundering data

1. Fund freezing data

  • With the strong support of InMist intelligence network partners, SlowMist helped freeze funds totaling more than 112 million US dollars in 2024 for customers, partners and public hacking incidents.
  • In 2024, Tether froze approximately $540 million in USDT; in 2024, Circle froze approximately $13.36 million in USDC.

(https://dune.com/misttrack/2024)

2. Fund return data

There were 410 security incidents in 2024, and in 24 of them all or part of the lost funds were recovered after the attack. According to the disclosed data, a total of about 166 million U.S. dollars was returned, accounting for 8.25% of the total security losses (about 2.013 billion U.S. dollars).

North Korean hackers

In 2024, North Korean hacking groups were implicated in multiple cyber thefts, resulting in the theft of hundreds of millions of dollars in cryptocurrency. The following is a list of important incidents committed by North Korean hacker groups (data source SlowMist Hacked):

This section focuses on analyzing the attack methods of North Korean hackers, and uses the BingX incident followed by SlowMist as an example to introduce the money laundering methods of North Korean hackers.

Coin mixing tools

1. Tornado Cash

(https://dune.com/misttrack/2024)

2. eXch

(https://dune.com/misttrack/2024)

3. Railgun

Railgun has implemented Private Proof of Innocence (PPOI), leveraging zero-knowledge proofs to ensure users can verify that their funds are not linked to illegal activity without compromising privacy. This innovation strikes a critical balance between privacy and compliance, making it more difficult for malicious actors to exploit the platform to launder money.

4. Summary

In 2024, the blockchain industry faced new opportunities and challenges in a wave of continuous innovation and change. The year's security incidents and anti-money laundering developments have given us profound warnings and prompted us to pay more attention to industry regulation and technical safeguards. By analyzing blockchain security incidents and money laundering cases in 2024, we hope to draw all parties' attention to industry security.

In the future, with the gradual improvement of the regulatory framework and the continuous upgrading of technical means, we have reason to believe that the blockchain industry will move in a more secure, transparent and compliant direction. We hope that this report can provide readers with valuable information and help them gain a more comprehensive understanding of the security and anti-money laundering status of the blockchain industry. We also look forward to working together to contribute to a more secure, stable and trustworthy blockchain ecosystem.
