SlowMist: 2023 Mid-Year Blockchain Security and Anti-Money Laundering Report

SlowMist
Jul 3, 2023

This report delves into blockchain ecosystem security, summarizing key security incidents and funds recovery status in the first half of 2023. It aims to help readers identify suspicious transaction patterns and behaviors by analyzing typical cases, and explore the anti-money laundering landscape within the blockchain ecosystem.

Due to space constraints, only the key contents from the report are listed here. You can download the full report here.

1. Introduction

In the past six months, blockchain technology has continued to evolve globally, bringing new possibilities and opportunities for the digital economy. However, along with its growth, blockchain security faces increasingly severe challenges. As the application of blockchain expands and deepens, attackers are becoming more cunning and sophisticated, exploiting blockchain system vulnerabilities to launch attacks that lead to enormous losses. In the first half of the year, we witnessed a series of security incidents involving smart contract attacks, phishing attacks, thefts from trading platforms, and online fraud. According to statistics from SlowMist Hacked, as of June 30th, there were a total of 185 security incidents in the first half of 2023, leading to losses of up to $920 million.

https://hacked.slowmist.io/

Compared to the first half of 2022 (187 incidents with approximately $2 billion in losses), losses have decreased by 54% year on year.

Comparison of security incident losses in the first half of 2022 and 2023

Out of these, DeFi, NFT, and cross-chain bridge incidents amounted to 131 cases, with losses of approximately $487 million; security incidents on trading platforms numbered 7, with losses of about $56.62 million; public chain security incidents were 10 in number, with losses around $672,000; wallet security incidents totaled 5, with losses of about $109 million; other security incidents numbered 32, with losses amounting to $266 million.

Distribution and loss amounts of security incidents in the first half of 2023

2. Security Incidents

This chapter primarily introduces some security incidents concerning Public chains, Exchanges, DeFi, Bridges, NFTs, and Wallet tracks, and also reports on the funds recovery situation for stolen assets in the first half of 2023.

Security Incidents and Losses

According to statistics from SlowMist Hacked, as of June 30th, 2023:

- Public chain security incidents totaled 10, with losses of approximately $672,000.

- Exchange security incidents amounted to 7, with losses reaching $56.62 million.

- DeFi security incidents numbered 111, with losses reaching $480 million, a decrease of 18% compared to the first half of 2022 (93 incidents with losses of about $587 million). Ethereum suffered the most losses, approximately $276 million, followed by the Polygon ecosystem with around $122 million.

- Bridge security incidents amounted to 7, with losses reaching $1.37 million, a significant decrease compared to the first half of 2022 (7 incidents with losses of about $1.043 billion).

- NFT security incidents totaled 13, with losses reaching $6.31 million. In the first half of 2023, 53% of NFT security incidents resulted from vulnerabilities in the projects themselves exploited by attackers, followed by phishing attacks, accounting for 46%.

- Wallet security incidents numbered 5, with losses reaching $109 million. The most extensive and costly incident was the Atomic Wallet Hack.

Funds Recovery

In the first half of 2023, there were 10 incidents where all or part of the lost funds were recovered after an attack. The total amount of stolen funds was approximately $232 million, of which $219 million were returned, accounting for 94% of the stolen funds. In these 10 incidents, the funds of 3 protocols were entirely returned.

3. Anti-Money Laundering

This chapter, from the perspectives of regulatory dynamics, mixing platforms, and phishing groups, presents the anti-money laundering situation in the first half of the year.

Anti-Money Laundering and Regulatory Dynamics

The characteristics of blockchain technology, such as anonymity and decentralization, may provide opportunities for money laundering and other illegal activities. Many countries and regions have implemented a series of anti-money laundering laws and regulatory requirements for the blockchain and cryptocurrency fields. This section introduces some of the anti-money laundering and regulatory dynamics of platforms and governments in the first half of 2023. Understanding these requirements can help individual users and project parties comply with laws and regulations, adjust and manage risks in a timely manner, ensure activity compliance, and avoid legal risks. For more details, see the PDF file.

Mixing Platforms

This section analyzes the funds flow and direction of the mixing platforms Tornado Cash and eXch.

https://dune.com/misttrack/mixer-2023

Phishing Groups

In this section, MistTrack is used to conduct anti-money laundering analysis on some typical phishing groups, including Pink Drainer, Venom Drainer, Monkey Drainer, Pussy Drainer, and Inferno Drainer. The statistics cover attack methods, loss amounts, number of victims, and money laundering methods. This comprehensive analysis of phishing incidents helps readers identify the phishing methods used by hackers and reduce the risk of funds being stolen.

Hacker Groups

This section selects two attack incidents associated with the hacker group Lazarus Group (Harmony Hack and Atomic Wallet Hack) as analysis objects, and uses MistTrack to analyze the money laundering methods of the hacker group.

4. Summary

We hope that this report can provide valuable insights to the blockchain industry and individuals, help everyone better understand and respond to the ever-changing threats to blockchain security, promote the continuous development and innovation of blockchain security, and jointly establish a safer and more trustworthy blockchain ecosystem.

Lastly, we express our gratitude to each of our ecosystem partners. This includes our service clients, media partners, black book contributors, and SlowMist partners. We especially thank Safeheron, BugRap, Keystone, Scam Sniffer, GoPlus, Eigenphi, Chainbase, SunSec, Alphatu, Steven and other partners. It’s your robust support that reinforces our determination to continue our endeavor as blockchain guardians. We hope to continue our strong alliance and concerted efforts, bringing more light into the dark forest of blockchain.

Disclaimer

The content of this report is based on our understanding of the blockchain industry, supported by data from the SlowMist Blockchain Hacked Archive and the Anti-Money Laundering Tracking System MistTrack. However, due to the “anonymity” feature of the blockchain, we cannot guarantee absolute accuracy of all data, nor can we be responsible for any errors, omissions or losses caused by the use of this report. Moreover, this report does not constitute any investment advice or basis for other analysis.

We’re grateful for any feedback, comments, or insights as we aim to provide the most useful and accurate information. Together, we can build a safer and more secure blockchain ecosystem.

This marks the end of the guide. For the full version, feel free to read and share at: https://www.slowmist.com/report/first-half-of-the-2023-report(EN).pdf

About SlowMist

SlowMist is a blockchain security firm established in January 2018. The firm was started by a team with over ten years of network security experience to become a global force. Our goal is to make the blockchain ecosystem as secure as possible for everyone. We are now a renowned international blockchain security firm that has worked on various well-known projects such as Huobi, OKX, Binance, imToken, Crypto.com, Amber Group, Klaytn, EOS, 1inch, PancakeSwap, TUSD, Alpaca Finance, MultiChain, Cheers UP, etc.

SlowMist offers a variety of services that include but are not limited to security audits, threat information, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) software, Vulpush (Vulnerability monitoring), SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall), Safe Staking and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, FireEye, RC², TianJi Partners, IPIP, etc.

By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we could spread awareness and raise the security standards in the blockchain ecosystem.

Website: https://www.slowmist.com
Twitter: https://twitter.com/SlowMist_Team
Github: https://github.com/slowmist/
