SlowMist: Celebrating the 7th Anniversary

SlowMist has turned seven!

Over the past seven years, we have been dedicated to exploring and advancing blockchain security. Guided by our mission to “bring a sense of security to the blockchain ecosystem,” we have collaborated with global partners to tackle security challenges and achieved remarkable results.

Key Achievements

Over the past year, we have delivered numerous in-depth articles on technology, scams, and regulations, including:

• February 22, 2024: “The Enigma of LockBit, The World’s Leading Ransomware Syndicate”
• April 15, 2024: “Beginner’s Guide to Web3 Security”
• May 8, 2024: “Small Bait, Big Fish| Unveiling the 1155 WBTC Phishing Incident”
• June 4, 2024: “Unraveling How a Malicious Extension Stole a Million Dollars”
• July 2, 2024: “SlowMist: MistTrack Quarterly Stolen Stolen Funds Analysis” (Series)
• July 11, 2024: “SlowMist: Security Audit Checklist for Account Abstraction Wallets”
• July 30, 2024: “Risk Analysis of Origin Forgery in the TonConnect SDK”
• August 8, 2024: “Introduction to TON: Accounts, Tokens, Transactions, and Security”
• September 3, 2024: “Exploring Sui: The Technology Behind High Performance and Contract Security”
• September 5, 2024: “International Cooperation in Law Enforcement: The Emerging Trend in Combating Cryptocurrency Crime”
• December 26, 2024: “Seeing is Deceiving | Analysis of Fake Zoom Meeting Phishing Attack”
• January 15, 2025: “Analysis of the UniLend Hack”
• January 18, 2025: “New Scam Technique | Fake Safeguard Scam on Telegram”
• January 23, 2025: “Analysis of Web3 Phishing Techniques”

Over the past year, we have developed and upgraded several products and services, including:

February 2, 2024: SlowMist AML Relaunched with a Comprehensive Upgrade

SlowMist has fully upgraded and relaunched SlowMist AML (https://aml.slowmist.com), aiming to better detect the behaviors of cybercriminals and further safeguard users’ digital asset security. SlowMist’s solution in the field of anti-money laundering in cryptocurrency covers three aspects: compliance, investigation, and audit, actively contributing to the construction of a healthy cryptocurrency ecosystem:

1. Compliance: SlowMist AML timely avoids any possible association with financial crimes or sanctioned entities, actively cooperates with and meets regulatory requirements; conducts risk identification for all wallet addresses within the company system and counterparty addresses; through the threat intelligence network, it is the first to grasp the latest hacking incidents and regulatory dynamics and make effective responses; builds an anti-money laundering alliance, providing hacker traces or interception of hacker funds for the alliance.
2. Investigation: SlowMist AML provides 24/7 emergency response to theft incidents, analyzing, tracking, and intercepting funds; investigates any traces or information left by hackers, especially accounts on centralized exchanges, platforms, and wallets, and outputs hacker profiles; monitors flagged addresses and synchronously blacklists and intercepts funds; attempts to dialogue with hackers and tries multiple methods to persuade hackers to return stolen funds.
3. Audit: Since its establishment, SlowMist has provided compliance security audit reports for multiple cryptocurrency trading platforms, including HashKey Pro, which has obtained a Hong Kong license, and has been recognized by regulators. The SlowMist security team, according to the latest requirements of the HKSFC and OWASP international standards, combined with SlowMist’s security capabilities, has compiled a checklist for HKSFC compliance security audits, ensuring that project parties meet HKSFC requirements and can also adapt to OWASP international standards.

February 23, 2024: Wallet Security Audit Adds Hardware Wallet Security Audit

The SlowMist security team has conducted an in-depth analysis of hardware wallet security and, through threat modeling, has facilitated the security and attack scenario analysis of hardware wallets. By organizing security audit items specifically for hardware wallets and adding hardware wallet security audit capabilities, SlowMist aims to better safeguard the cryptocurrency assets of projects and users, reducing the risk of asset theft.

May 20, 2024: Korean, Arabic, and Indonesian Versions of the “Blockchain Dark Forest Selfguard Handbook” Released

On April 12, 2022, SlowMist founder Yu Jian released The Blockchain Dark Forest Selfguard Handbook, which gained widespread traction within the crypto community. Korean, Arabic, and Indonesian versions have since been translated by community volunteers. These translations preserve the original essence while rigorously maintaining accuracy with all technical terms.

The SlowMist security team sincerely thanks the translators of the Korean, Arabic, and Indonesian versions! We are collaborating with more outstanding Web3 partners to collectively raise security awareness across the industry to a new level.

July 11, 2024: Wallet Risk Assessment Tool Officially Launched

The Wallet Risk Assessment Tool (link), powered by SlowMist’s anti-money laundering tracking system MistTrack (link), aims to help users identify and avoid money laundering risks. Users can perform the following actions with the Wallet Risk Assessment Tool: view risk scores, assist in transaction decisions, conduct in-depth address analysis, and share risk results. While the tool can help users assess whether a target address involves risky funds, it cannot guarantee 100% accuracy. The detection results are for reference only and do not serve as legal or factual guarantees of absolute transaction safety. Users must adhere to the facts and comply with the regulatory policies and laws of their respective countries.

July 12, 2024: Blockchain Security Audit Guide Fully Upgraded with New Layer2 Security Audit Methods

Over the past few years, nearly a hundred well-known blockchain projects have undergone various types of security audits by SlowMist, including Prysm, TON, Mantle, Vision Network, Metis, Acala, and Eden. Additionally, SlowMist has audited several prominent Layer2 projects, such as Morph, Bitlayer, Merlin Chain, and RSS3 Network. In response to the development trends of blockchains and Layer2 solutions, SlowMist has upgraded its Blockchain Security Audit Guide. The complete audit content is open-source on GitHub (link). Feel free to explore.

March 28, 2024: MistTrack Now Supports Search and Tracking for Merlin Chain, Toncoin, Litecoin, Dogecoin, Bitcoin Cash, and Solana

Since its launch in 2022, MistTrack has gained widespread recognition in the blockchain security field for its precise address labeling, in-depth transaction behavior analysis, and powerful fund tracking capabilities. As of now, MistTrack supports 17 blockchains, including Bitcoin, Ethereum, BNB Smart Chain, TRON, Polygon, IoTeX, Avalanche-C, Arbitrum One, OP Mainnet, Base, zkSync Era, Merlin Chain, Toncoin, Litecoin, Dogecoin, Bitcoin Cash, and Solana. Moving forward, we will expand our support to more ecosystems to meet users’ diverse multi-chain asset needs.

Since its launch in 2022, MistTrack has gained widespread recognition in the blockchain security field for its precise address labeling, in-depth transaction behavior analysis, and powerful fund tracking capabilities. As of now, MistTrack supports 17 blockchains, including Bitcoin, Ethereum, BNB Smart Chain, TRON, Polygon, IoTeX, Avalanche-C, Arbitrum One, OP Mainnet, Base, zkSync Era, Merlin Chain, Toncoin, Litecoin, Dogecoin, Bitcoin Cash, and Solana. Moving forward, we will expand our support to more ecosystems to meet users’ diverse multi-chain asset needs.

September 23, 2024: “Incident Response Service” Officially Launched

The Incident Response Service (link) is a professional security emergency service designed by SlowMist for Web3 projects. It aims to help project teams quickly and effectively respond to security incidents and threats during black swan events, such as hacker attacks. The service analyzes intrusion paths, post-intrusion behavior, and creates on-chain and off-chain hacker profiles while tracking stolen assets.

This comprehensive service covers the entire incident-handling process, from on-chain/off-chain intrusion analysis to tracing and review. Leveraging SlowMist AML’s blockchain anti-money laundering system and the InMist threat intelligence network, this service strives to help projects recover financial losses.

October 22, 2024: Hacking Time Website Fully Upgraded and Relaunched

As a team focused on blockchain security and deeply engaged in blockchain security technologies, the SlowMist security team has accumulated extensive security experience in the blockchain world while continuously learning from cutting-edge technology fields. Through Hacking Time, we share in-depth insights and practical experiences in blockchain security with leaders from various fields.

The newly upgraded Hacking Time website (link) features two main modules: external communications and internal sharing. It records every step of Hacking Time’s journey in a timeline format.

November 14, 2024: MistTrack Community Version Officially Launched

The MistTrack Community Version (link) offers basic blockchain analysis features, making it suitable for individual users and small projects.

Over the past year, we have open-sourced several industry-focused publications, including:

• July 1, 2024: 2024 Mid-Year Blockchain Security and Anti-Money Laundering Report
• July 31, 2024: Security Guide for Securing X Accounts
• September 10, 2024: Web3 Project Security Handbook
• September 12, 2024: Best Practices for Toncoin Smart Contract Security
• September 27, 2024: Introduction to Auditing Sui — Move Contracts
• September 29, 2024: Analysis and Audit Considerations of the Uniswap v3 Protocol
• October 16, 2024: Compound Finance V2 Security Audit Manual
• January 3, 2025: 2024 Blockchain Security and Anti-Money Laundering Annual Report

Over the past year, we have supported and collaborated with multiple organizations, including:

• March 1, 2024: SlowMist and HashKey signed a Memorandum of Understanding (MOU) in Singapore.
• March 12, 2024: Invited to share blockchain anti-money laundering solutions at the Hong Kong Polytechnic University.
• March 15, 2024: SlowMist was invited to conduct a training session on tracking illicit cryptocurrency funds for the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force.
• March 21, 2024: Assisted DeGame with a hacking investigation and fund tracking.
• March 30, 2024: Dolomite’s thanks: SlowMist provided assistance during the investigation.
• April 22, 2024: Invited to share blockchain security knowledge at Bristol University.
• June 10, 2024: Assisted Loopring with a hacking investigation and fund tracking.
• July 20, 2024: Rho Markets’ thanks: Appreciates SlowMist and partners for providing help and saving funds.
• July 23, 2024: Sponsored the “SlowMist Cybersecurity Award” for the 2023–2024 academic year of the Financial Master’s Program at Hong Kong Baptist University.
• July 25, 2024: TinTinLand’s thanks: SlowMist assisted with their X account theft issue.
• July 30, 2024: Dew’s thanks: SlowMist helped fix an XSS vulnerability.
• August 20, 2024: Co-released a Web3 security anti-phishing/scam educational video with OKX.
• October 29, 2024: Hired as an independent third party to investigate the EIGEN token theft incident and released the investigation report.
• November 19, 2024: Assisted DEXX with a hacking investigation and fund tracking.
• January 7, 2025: SolvProtocol’s thanks: SlowMist provided assistance during the investigation.
• January 18, 2025: CAT Protocol’s thanks: SlowMist helped recover assets affected by protocol vulnerabilities.

Over the past year, we have assisted many users who suffered financial losses, including:

• January 23, 2024: Assisted Socket in recovering $2.3 million in stolen funds.
• February 27, 2024: Assisted in recovering fraudulently obtained assets, creating a legal precedent with XREX and law enforcement in Taiwan.
• March 22, 2024: Helped the victim recover 158 ETH in stolen funds.
• December 31, 2024: MistTrack provided free evaluations for over 5,000 forms submitted by stolen fund victims.
• December 31, 2024: With strong support from InMist threat intelligence network partners, SlowMist assisted clients, partners, and publicly reported incidents in freezing over $112 million in funds in 2024.
• January 15, 2025: Assisted the victim in recovering 0.35 BTC in stolen funds.

Over the past year, we have received numerous reports and honors, including:

• April 16, 2024: Our professional tracking results were cited by the United Nations Security Council.
• April 28, 2024: Our publication on “Unveiling a New Scam: Malicious Modification of RPC Node Links to Steal Assets” was reprinted by Bitcoin.com News.
• May 14, 2024: Our tweet content was frequently cited by Cointelegraph.
• May 29, 2024: Our analysis on North Korean hackers was cited by the U.S. Department of the Treasury.
• August 2, 2024: Interviewed by South China Morning Post on blockchain security.
• August 8, 2024: Invited to attend the CCTC conference (Conference on Governing Cybercrime Technological Creativity) and delivered a presentation on “Cryptocurrency Analysis and Tracking”
• August 29, 2024: Our blockchain security expertise was cited by Knownsec Skills Table.
• October 7, 2024: Our anti-money laundering analysis was cited by the United Nations Office on Drugs and Crime (UNODC).
• December 25, 2024: Recognized as a 2024 Specialized and Sophisticated SME by Xiamen City.
• December 30, 2024: Awarded ISO/IEC 27001:2022 Information Security Management System Certification.
• January 13, 2025: Interviewed by Cointelegraph on the “2022 OpenSea Email Vendor Data Breach.”

Conclusion

Since its establishment, SlowMist has consistently focused on technical security while actively building systems for compliance and ecological security. By collaborating with our partners and sharing security expertise, we have worked together to create a more resilient blockchain security ecosystem.

Rooted in the present and looking to the future, SlowMist remains steadfast in its original mission. Through each milestone breakthrough, we maintain a spirit of humility and focus, continuously exploring innovation and delivering valuable services and products to safeguard the blockchain ecosystem’s security.

With a seven-year vision in mind and an ambitious blueprint ahead, we extend our heartfelt thanks to every member of the SlowMist team for their dedication, to our clients and partners for their trust and support, and to everyone who has walked alongside SlowMist on this journey!

About SlowMist

SlowMist is a blockchain security firm established in January 2018. The firm was started by a team with over ten years of network security experience to become a global force. Our goal is to make the blockchain ecosystem as secure as possible for everyone. We are now a renowned international blockchain security firm that has worked on various well-known projects such as HashKey Exchange, OSL, MEEX, BGE, BTCBOX, Bitget, BHEX.SG, OKX, Binance, HTX, Amber Group, Crypto.com, etc.

SlowMist offers a variety of services that include but are not limited to security audits, threat information, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) software, MistEye (Security Monitoring) , SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall) and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, RC², TianJi Partners, IPIP, etc. Our extensive work in cryptocurrency crime investigations has been cited by international organizations and government bodies, including the United Nations Security Council and the United Nations Office on Drugs and Crime.

By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we could spread awareness and raise the security standards in the blockchain ecosystem.