The blockchain industry navigated a complex landscape of innovation and security challenges throughout 2024. This report reviews critical regulatory policies, anti-money laundering (AML) developments, and significant security incidents from the past year. It also highlights common fraud techniques, includes expert analysis on wallet-draining phishing schemes, and examines the money-laundering tactics employed by North Korean hacking groups. Our goal is to provide a comprehensive overview to help industry participants and users better understand the current state of blockchain security.
2024 Blockchain Security Landscape
According to data from the SlowMist Hacked database, 410 security incidents were recorded in 2024, resulting in total losses of approximately $2.013 billion. This represents a 19.02% decrease in financial losses compared to 2023, which saw 464 incidents and roughly $2.486 billion in losses.
Note: All loss values are calculated based on token prices at the time of each incident. Due to market volatility and some non-publicized events, actual losses are likely higher than reported.
Overview of Blockchain Security Incidents
The decentralized finance (DeFi) sector remained the most frequently targeted area. In 2024, 339 DeFi-related security incidents were recorded, accounting for 82.68% of all events and leading to losses of $1.029 billion. This represents a 33.12% increase in financial damages compared to the previous year.
From an ecosystem perspective, Ethereum suffered the highest losses at $465 million, followed by the Binance Smart Chain (BSC) with $87.35 million.
Contract vulnerabilities were the leading cause of security breaches, responsible for 99 incidents and approximately $214 million in losses. This was followed by incidents resulting from account compromises.
Notable Attack Incidents
The year witnessed several high-impact attacks. Among the most significant were ten major incidents that resulted in the largest financial losses. For a detailed breakdown of these events, readers are encouraged to review the full data available in the accompanying PDF report.
Rug Pull Schemes
A Rug Pull is a type of exit scam where malicious project developers attract investor funds and then abruptly withdraw all liquidity and disappear. SlowMist Hacked documented 58 such events in 2024, causing combined losses of around $106 million.
The zkSync ecosystem experienced the highest financial damage from Rug Pulls at $36.95 million, while the BSC ecosystem had the highest number of occurrences with 28 separate incidents.
The surge in meme coin popularity played a significant role in these scams. Driven by speculation and fear of missing out (FOMO), many investors overlooked due diligence. Some token issuers managed to generate hype and attract buyers with little more than a catchy concept or slogan, often without providing a whitepaper or clear project vision.
The low barrier to executing these scams has led to their continued prevalence. Victims of Rug Pulls often face lengthy and difficult asset recovery processes. To mitigate these risks, it is crucial for users to thoroughly research a project's background and team before investing.
Phishing and Wallet Drainers
Wallet Drainers are malicious scripts embedded on phishing websites designed to steal crypto assets by tricking users into signing malicious transactions. In 2024, this attack vector resulted in approximately $494 million in losses, a 67% increase year-over-year.
Although the number of victimized addresses saw only a modest 3.7% increase (reaching 332,000), the average loss per incident grew significantly, with the single largest theft amounting to $55.48 million.
Key Developments in Phishing
- Pink Drainer's Exit (Late May): This drainer, which held a 28% market share, ceased operations. Its share was largely absorbed by Inferno Drainer.
- Angel Drainer's Takeover of Inferno (Late October): Following this move, Angel's market share declined while Inferno maintained a dominant 40-45% share.
Market Evolution
- Q1-Q2: A three-way dominance between Angel (42%), Pink (28%), and Inferno (22%).
- Q3: A two-horse race emerged between Inferno (43%) and Angel (25%).
- Q4: A new格局 formed with Inferno & Angel (45%), Acedrainer (20%), and other new drainers (25%).
By the end of 2024, known losses from phishing signature attacks had reached $790 million. Although the frequency of these attacks decreased in the latter half of the year, this may indicate a strategic shift by attackers toward more covert methods, such as malware. As the Web3 ecosystem evolves, the challenge of protecting user assets remains paramount. Continuous security awareness and robust protective measures are essential for safeguarding digital wealth. To stay ahead of these evolving threats, 👉 explore advanced security strategies.
Fraud, AML, and Regulatory Developments
This section covers anti-money laundering efforts, key regulatory updates, and analysis of illicit activities.
Anti-Money Laundering and Regulatory Dynamics
The regulatory environment for cryptocurrencies saw significant changes in 2024. The European Union's implementation of the Markets in Crypto-Assets (MiCA) regulation and the advancement of stablecoin legislation in the United States were among the most notable developments.
Globally, authorities enforced stricter measures to combat illegal activities. Significant progress was made in stablecoin oversight, cross-border crypto policies, and enforcement actions against major players in the crypto space. Detailed information on specific policies and actions is available in the full PDF report.
Anti-Money Laundering Data
Fund Freezing Statistics
- With support from its InMist intelligence network partners, SlowMist assisted clients and partners in freezing over $112 million in funds related to publicized hacks in 2024.
- Separately, Tether froze approximately $540 million worth of USDT, and Circle froze about $13.36 million worth of USDC during the year.
Fund Recovery Statistics
Of the 410 security incidents recorded in 2024, 24 resulted in full or partial recovery of stolen funds. Based on disclosed data, approximately $166 million was returned to victims, accounting for 8.25% of the total annual losses (~$2.013 billion).
North Korean Hacker Activity
North Korean state-sponsored hacking groups were linked to several major cyber thefts in 2024, resulting in the loss of hundreds of millions of dollars in cryptocurrency. The following is a list of significant incidents attributed to these groups (source: SlowMist Hacked):
This analysis focuses on the attack methodologies of these hackers and uses the BingX incident, investigated by SlowMist, as a case study to illustrate their money-laundering techniques.
Common Money-Laundering Tools
- Tornado Cash: A decentralized cryptocurrency mixer that obfuscates transaction trails.
- eXch: A service used for exchanging and potentially mixing stolen funds.
- Railgun: A privacy protocol that has implemented Private Proof of Innocence (PPOI). This system uses zero-knowledge proofs to allow users to verify that their funds are not linked to illicit activity without compromising their financial privacy. This innovation aims to balance privacy with compliance, making it more difficult for malicious actors to use the platform for money laundering.
Conclusion and Future Outlook
The blockchain industry continued its rapid evolution in 2024, presenting new opportunities alongside persistent security challenges. The incidents and AML developments detailed in this report serve as a critical reminder of the importance of industry-wide standards and robust technical safeguards.
By analyzing the security events and money-laundering cases of the past year, we hope to emphasize the collective responsibility to prioritize safety. As regulatory frameworks mature and technological solutions advance, the industry is poised to move toward a more secure, transparent, and compliant future. We believe this report provides valuable insights for understanding the current state of blockchain security and AML efforts.
Frequently Asked Questions
What was the total financial loss from blockchain security incidents in 2024?
Losses from recorded security incidents reached approximately $2.013 billion in 2024. This figure is based on token prices at the time of each event, and actual losses are likely higher due to market volatility and unreported incidents.
Which sector of the blockchain industry was most targeted by attacks?
The DeFi (Decentralized Finance) sector was the most targeted, experiencing 339 incidents that accounted for over 82% of all security events and resulted in losses exceeding $1 billion.
How can users protect themselves from phishing and Wallet Drainer attacks?
Users should always verify website URLs, avoid clicking on suspicious links in emails or social media, and carefully review every transaction before signing it. Using hardware wallets for significant holdings and staying informed about common phishing tactics are also highly recommended security measures. For a deeper understanding of these risks, 👉 view real-time security tools.
What are Rug Pulls, and why are they so common?
Rug Pulls are exit scams where developers abandon a project and steal investors' funds. They are common due to low execution costs, the ease of creating new tokens, and the FOMO (Fear Of Missing Out) culture that can cause investors to skip crucial due diligence.
What major regulatory change affected the crypto industry in 2024?
A major development was the European Union's implementation of the Markets in Crypto-Assets (MiCA) regulation, which established a comprehensive framework for crypto-asset service providers across the EU member states.
What percentage of stolen funds was successfully recovered in 2024?
Based on publicly available data, about 8.25% of the total losses from hacks (approximately $166 million out of $2.013 billion) were successfully recovered and returned to victims.