Crypto exploit incidents rose 50%, with losses topping $1.4B in H1 2024: SlowMist

Ethereum records highest losses at $400 million in blockchain breaches.

abstract representation of blockchain security exploits

Key Takeaways

  • Blockchain security incidents increased by 50% in the first half of 2024.
  • Ethereum and DeFi sectors suffered the most, with Ethereum losing $400 million.

Share this article

For the first half of 2024, the blockchain industry faced unprecedented challenges as security incidents soared to new heights, resulting in staggering losses of $1.43 billion.

A comprehensive report released by SlowMist, a blockchain security firm, reveals a complex space of threats, regulatory shifts, and sophisticated money laundering techniques that are reshaping the ecosystem.

The report highlights a 50% increase in security breaches compared to the same period last year, with DeFi protocols remaining the prime target for attackers.

Blockchain security incidents rising by 50%

The first half of 2024 saw a significant increase in blockchain security incidents, with 223 reported cases resulting in losses of $1.43 billion, a 50% increase from H1 2023. Ethereum suffered the highest losses at $400 million, followed by Arbitrum ($72.46 million) and Blast ($70 million). The DeFi sector remained the most targeted, accounting for 70.85% of incidents with $659 million in losses.

Notable attacks included the DMM Bitcoin incident, where 4,502.9 BTC ($305 million) was illegally transferred, marking Japan’s third-largest crypto exchange hack. The PlayDapp incident, resulting from a leaked private key, led to unauthorized minting of tokens worth $290.4 million.

Common attack vectors included smart contract vulnerabilities, exit scams, and private key leaks. Emerging trends also showed an increase in attacks on the Solana ecosystem and sophisticated phishing techniques like address poisoning and malicious browser extensions.

Anti-money laundering and regulatory developments

Globally, regulatory approaches to cryptocurrencies diverged, ranging from embracing support to strict prohibition. The US SEC approved spot Bitcoin ETFs while maintaining a cautious stance on other spot crypto ETF applications. In June, the prospect of an Ethereum ETF was approved, with applications for a Solana ETF following a week after.

Across the Atlantic, the EU Parliament passed new laws strengthening anti-money laundering measures, including public access to beneficial ownership registries and an EU-wide limit on cash payments. Turkey introduced strict regulations on crypto assets, with severe penalties for unauthorized service providers.

In Asia, Hong Kong has implemented a comprehensive licensing system for virtual asset service providers and launched Asia’s first spot crypto ETFs.

Efforts to combat illicit activities also intensified, with the US Treasury sanctioning entities involved in sanctions evasion through virtual assets. Tether and Circle blocked hundreds of addresses, freezing millions in assets linked to suspicious activities.

Hacker groups and new money laundering methods

The North Korean Lazarus Group remains a significant threat to crypto firms and decentralized projects, responsible for substantial funds funneled through Tornado Cash. Their sophisticated laundering techniques involved multi-layered mixing strategies, cross-chain swaps, and decentralized exchanges.

Drainer services like Pink Drainer and Inferno Drainer continued to pose risks, with Pink Drainer alone responsible for stealing over $85 million before its retirement. New threats emerged, such as the Diablo Drainer targeting the TON network.

Tornado Cash handled 263,881 ETH ($858.9 million) in deposits and 246,284 ETH ($796.2 million) in withdrawals during H1 2024. The eXch mixer saw a significant increase in activity, with ETH deposits rising to 71,457 from 47,235 in all of 2023, indicating growing usage by potential malicious actors.

Share this article