SlowMist | 2024 Mid-Year Blockchain Security and Anti-Money Laundering Report

6 min readJul 4, 2024


1. Background

According to CoinMarketCap, the global cryptocurrency market cap reached approximately $2.34 trillion by June 30, 2024, highlighting robust growth. However, this development comes with increasingly severe blockchain security challenges. As blockchain applications expand, attackers have become more sophisticated, exploiting system vulnerabilities and causing significant losses.

This report focuses on two key areas: blockchain ecosystem security and anti-money laundering (AML) measures, offering a comprehensive understanding of current and future security risks in the blockchain sector.

2. Blockchain Security Landscape

2.1 Overview of Blockchain Security Incidents

Statistics from the SlowMist Hacked Database show 223 recorded security incidents in the first half of 2024, resulting in $1.43 billion in losses. This marks a 55.43% increase compared to the first half of 2023, which saw 185 incidents with approximately $920 million in losses. (Note: This report does not include personal or unreported losses.)

From an ecosystem perspective, Ethereum experienced the highest losses, reaching $400 million. This was followed by Arbitrum with approximately $72.46 million in losses, and Blast with around $70 million. Additionally, BSC had the most security incidents, totaling 57, with losses of about $32.12 million.

From an industry perspective, DeFi was the most frequently attacked area in the first half of 2024, with 158 incidents accounting for 70.85% of the total and $659 million in losses. This marks a 37.29% increase compared to the first half of 2023, which had 111 incidents and $480 million in losses. Security incidents on trading platforms resulted in $524 million in losses, with the DMM Bitcoin incident alone accounting for $305 million, making it the largest security incident of the first half of 2024.

Two incidents in the first half of 2024 had losses exceeding $100 million. Below are the top 10 security incidents by loss for this period:

Contract vulnerabilities were the most common cause of security incidents, with 56 incidents resulting in losses of about $104 million. This was followed by incidents caused by rug pulls, totaling 50 incidents.

2.2 Phishing/Stealing Techniques

This section highlights some phishing and stealing techniques disclosed by SlowMist in the first half of 2024:

  • Same prefix and suffix phishing
  • Malicious extensions
  • Malicious Trojan programs
  • Malicious bookmark phishing
  • Signature authorization phishing

3. Anti-Money Laundering Landscape

3.1 AML and Regulatory Developments

This section focuses on significant AML and regulatory developments in the cryptocurrency field:

  • Chinese Courts
  • Hong Kong
  • Singapore
  • U.S. Regulation
  • European Parliament
  • Middle East

3.2 AML in Security Incidents

Frozen Funds Data

  • Tether: In the first half of 2024, 374 ETH addresses were blocked, freezing USDT-ERC20 assets on these addresses, making them non-transferable.
  • Circle: In the first half of 2024, 28 ETH addresses were blocked, freezing USDC-ERC20 funds on these addresses, making them non-transferable.

With the strong support of our SlowMist InMist intelligence network part, we assisted our clients, partners, and public hacking incidents in freezing approximately $24.39 million in the first half of 2024.

Recovered Funds Data

In the first half of 2024, 16 incidents involved the full or partial recovery of stolen funds. Out of approximately $113 million stolen, nearly $98.64 million was returned, accounting for 87.3% of the total.

3.3 Hacker Group Profiles and Dynamics

This section provides a detailed analysis of the methods used by hacker group Lazarus Group and phishing service Drainers.

3.4 Money Laundering Tools

This section provides a statistical analysis of the fund flow and direction of money laundering tools Tornado Cash and eXch.

(Tornado Cash:

(Tornado Cash:

4. Conclusion

We hope this report provides an in-depth analysis of the current state of security in the blockchain industry, helping readers gain a comprehensive understanding of the security and anti-money laundering landscape. Our aim is to contribute to a safer blockchain ecosystem.

We would like to thank all our ecosystem partners, including service clients, media partners, Black Handbook contributors, and SlowMist Zone partners. Your support strengthens our resolve to continuously improve and protect the blockchain space. We look forward to ongoing collaboration, working together to bring more light to the blockchain’s dark forest.


This report is based on our understanding of the blockchain industry, supported by data from the SlowMist Hacked Database and the MistTrack anti-money laundering tracking system. However, due to the anonymous nature of blockchain, we cannot guarantee the absolute accuracy of all data and cannot be held responsible for any errors, omissions, or losses resulting from the use of this report. Additionally, this report does not constitute any investment advice or serve as a basis for analysis.

If there are any omissions or deficiencies in this report, we welcome your feedback and corrections.

To read and share the full version, please visit:

About SlowMist

At SlowMist, we pride ourselves on being a frontrunner in blockchain security, dedicating years to mastering threat intelligence. Our expertise is grounded in providing comprehensive security audits and advanced anti-money laundering tracking to a diverse clientele. We’ve established a robust network for threat intelligence collaboration, positioning ourselves as a key player in the global blockchain security landscape. We offer tailor-made security solutions that span from identifying threats to implementing effective defense mechanisms. This holistic approach has garnered the trust of numerous leading and recognized projects worldwide, including names like Huobi, OKX, Binance, imToken,, Amber Group, Klaytn, EOS, 1inch, PancakeSwap, TUSD, Alpaca Finance, MultiChain, and Cheers UP. Our mission is to ensure the blockchain ecosystem is not only innovative but also secure and reliable.

We offers a variety of services that include but are not limited to security audits, threat intelligence, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) solutions, Vulpush (Vulnerability monitoring) , SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall) , Safe Staking and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, FireEye, RC², TianJi Partners, IPIP, etc.

By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we wish to help spread awareness and raise the security standards in the blockchain ecosystem.

💬Website 🐦Twitter ⌨️GitHub




SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.