Amid this dynamic landscape, the blockchain industry advances at the intersection of security and innovation, according to a report from SlowMist.
The research report from SlowMist provides an in-depth review of key regulatory policies and anti-money laundering (AML) developments in 2024.
It examines major blockchain / DLT security incidents, highlights fraud techniques, and features insights contributed by the Web3 anti-scam platform ScamSniffer on phishing wallet drainers.
Additionally, the report includes a statistical analysis of laundering methods and gains by North Korean hackers.
According to the SlowMist Hacked, a total of 410 security incidents were recorded in 2024, “resulting in losses amounting to $2.013 billion.”
Compared to 2023, which saw 464 incidents and “approximately $2.486 billion in losses, the total losses in 2024 represent a year-over-year decrease of 19.02%.”
It’s important to note that these figures were “recorded at the time of the incidents.”
With the significant increase in cryptocurrency prices since then, the actual value of the “losses could be higher.”
Additionally, these numbers reflect only “publicly known incidents, meaning the real figures are likely much greater due to unreported cases.”
In terms of type of security incidents, DeFi remains the “most frequently targeted sector for attacks.”
In 2024, a total of 339 DeFi-related security incidents were reported, accounting for “82.68% of all security breaches, with losses reaching an astonishing $1.029 billion.”
Compared to 2023, which saw 282 incidents resulting in “losses of approximately $773 million, this represents a year-over-year increase in losses of 33.12%.”
From a blockchain perspective, Ethereum experienced the “highest losses, totaling $465 million, followed by BSC (Binance Smart Chain) with losses amounting to $87.35 million.”
When looking at the causes of these incidents, smart contract vulnerabilities were the most common, “with 99 reported incidents resulting in approximately $214 million in losses.”
The second most frequent cause was “account compromises.”
As explained in the report from SlowMist, a Rug Pull is a type of scam in which malicious project teams create hype to attract user investments, only to “pull the rug” by absconding with the funds once the time is right.
According to the SlowMist Hacked Database, 58 Rug Pull incidents were recorded in 2024, “resulting in losses of approximately $106 million.”
The zkSync ecosystem experienced the highest losses, “totaling $36.95 million, while the BSC (Binance Smart Chain) ecosystem saw the most incidents, with 28 Rug Pulls reported.”
In 2024, the blockchain industry continued to ride the wave of innovation and transformation, “presenting both new opportunities and challenges.”
SlowMist further noted that the numerous security incidents and anti-money laundering (AML) developments of the year “serve as stark reminders of the importance of industry standards and robust technological safeguards.”
SlowMist also mentioned that by analyzing blockchain security incidents and money laundering cases from 2024, they aim to “raise awareness of the critical need for enhanced security across the ecosystem.”
The SlowMist team concluded:
“Looking ahead, as regulatory frameworks become more comprehensive and technological capabilities advance, there is every reason to believe the blockchain industry will progress toward greater safety, transparency, and compliance.”