**Introduction**
SlowMist Technology has released the “2024 H1 Blockchain Security and Anti-Money Laundering Report” (hereafter referred to as the “Report”). This report summarizes key regulatory compliance policies and developments in the blockchain industry during the first half of 2024, focusing on regulatory stances toward cryptocurrencies and a series of core policy adjustments. We review and outline blockchain security incidents and trends in anti-money laundering (AML), interpreting common money laundering tools and phishing theft techniques, and proposing effective prevention methods and response strategies for such issues. Additionally, we disclose and analyze major phishing criminal organizations like Wallet Drainers and hacker groups such as Lazarus Group, aiming to provide references for mitigating such threats.
**Background**
According to CoinMarketCap data as of June 30, 2024, the global cryptocurrency market’s total market value has reached approximately $23.4 trillion, demonstrating robust growth momentum in the global blockchain market. However, along with this growth comes increasingly severe challenges in blockchain security. As blockchain applications expand and deepen, attackers become more sophisticated, continuously exploiting vulnerabilities in blockchain systems, resulting in substantial losses. In this context, the report focuses on blockchain ecosystem security and anti-money laundering (AML) security, providing a comprehensive understanding of current and future blockchain security risks.
**Blockchain Security Situation**
**Overview of Blockchain Security Incidents**
According to SlowMist’s blockchain hacking incident database, there were a total of 223 security incidents in the first half of 2024, resulting in losses totaling $1.43 billion. Compared to the first half of 2023 (185 incidents, approximately $920 million in losses), this represents a 55.43% year-on-year increase in losses. (Note: Personal losses are not included in this report.)
**Highest Losses by Platform**
Ethereum incurred the highest losses, amounting to $400 million, followed by Arbitrum with approximately $72.46 million, and Blast with around $70 million. Additionally, BSC recorded the highest number of security incidents, totaling 57 incidents with losses of about $32.12 million.
**Types of Attacks**
DeFi was the most frequently targeted sector, with 158 incidents accounting for 70.85% of all incidents and losses amounting to $659 million. This marks a 37.29% increase in losses compared to the first half of 2023, where there were 111 incidents with losses of approximately $480 million. Security incidents on trading platforms resulted in losses of $524 million, with the DMM Bitcoin incident alone accounting for $305 million, making it the largest security incident of the first half of 2024.
**Significant Security Attacks**
Two incidents resulted in losses exceeding $100 million each. Here are the top 10 security attack incidents in the first half of 2024.
**Causes of Security Incidents**
Contract vulnerabilities were the most common cause, with 56 incidents resulting in losses of approximately $104 million, followed by 50 incidents due to exit scams.
**Phishing/Theft Techniques**
This section extracts some phishing and theft techniques disclosed by SlowMist in the first half of 2024:
– Sequential phishing
– Malicious browser extensions
– Malware programs
– Malicious bookmark phishing
– Signature authorization phishing
**Anti-Money Laundering Situation**
**AML and Regulatory Dynamics**
This section focuses on significant developments in anti-money laundering (AML) and regulatory dynamics in the cryptocurrency field:
– Chinese courts
– Hong Kong, China
– Singapore
– U.S. regulations
– European Parliament
– Middle East region
**Security Event Anti-Money Laundering**
Data on frozen funds:
– Tether: In the first half of 2024, a total of 374 ETH addresses were locked, freezing USDT-ERC20 assets on these addresses, making them non-transferable.
– Circle: In the first half of 2024, a total of 28 ETH addresses were locked, freezing USDC-ERC20 funds on these addresses, making them non-transferable.
– With strong support from InMist’s intelligence network, SlowMist assisted in freezing approximately $24.39 million in funds from publicly hacked incidents in the first half of 2024.
**Fund Return Data**
In the first half of 2024, there were 16 cases where attacked funds were fully or partially recovered. The total stolen funds amounted to approximately $113 million, with nearly $98.64 million returned, accounting for 87.3% of the stolen funds.
**Profile and Dynamics of Hacker Groups**
This section provides a detailed analysis of the modus operandi of hacker groups such as Lazarus Group and phishing service Drainers.
**Money Laundering Tools**
This section analyzes the flow and destination of funds for money laundering tools such as Tornado Cash and eXch.
**Conclusion**
In conclusion, we aim to provide readers with an analysis and interpretation of the current state of security in the blockchain industry through this report. It helps readers gain a comprehensive understanding of blockchain industry security and anti-money laundering status, contributing to the development of blockchain ecosystem security. Finally, we extend our gratitude to all ecosystem partners, including our service clients, media partners, contributors, and SlowMist ecosystem partners. Your strong support strengthens our determination to continue advancing and serving as guardians of the blockchain, hoping to further illuminate the dark forest of blockchain through continued collaboration and joint efforts.
**Disclaimer**
This report is based on our understanding of the blockchain industry, SlowMist’s blockchain hacking archive SlowMist Hacked, and data support from the anti-money laundering tracking system MistTrack. However, due to the “anonymous” nature of blockchain, we cannot guarantee the absolute accuracy of all data herein, nor can we be held responsible for errors, omissions, or losses incurred from the use of this report. Furthermore, this report does not constitute investment advice or other analyses.
If there are any omissions or deficiencies in this report, we welcome criticisms and corrections.
**Read more:**
[Full Version of the Report](https://www.slowmist.com/report/first-half-of-the-2024-report(CN).pdf)