Blockchain technology is expanding and gaining strategic importance every year, impacting various industries, from financial institutions to healthcare. The total assets in the blockchain world amount to over $1.2 trillion. This sum is comparable to the annual gross domestic product of a country like Spain. The overall long-term trend for this value is on the rise, despite seasonal fluctuations and downturns. In light of this, maintaining preventive measures becomes more of a priority than ever before.
Like almost any other innovation, blockchain is associated with its unique set of vulnerabilities and security threats. Therefore, drawing from our experience, we look to the future to identify and understand the key risks that developers, owners, and users of blockchain-based products and services are likely to face.
In this article, we will provide examples of the major security threats that, in our opinion, will be relevant to blockchain technology in 2024, and discuss strategic approaches and recommendations capable of ensuring robust protection for this technology, essential for the development of modern society and the economy.
Security incidents in the Blockchain World
Let’s take a look at the overall picture of incidents related to blockchain, including cryptocurrency crimes, to better understand the strategies and security measures to be used in the future.
We have analyzed SlowMist’s report on blockchain security and anti-money laundering (AML), the Chainalysis report on crypto crime, as well as a range of other analytical and statistical reports.
In the first half of this year, there were 185 major security incidents in the blockchain, resulting in losses of up to $920 million. At the same time, this figure is 54% lower compared to the first half of 2022 when losses amounted to around $2 billion.
The DeFi, NFT, and Cross-chain Bridge sectors suffered the most significant losses – 131 incidents and losses totaling around $487 million. Despite fewer incidents in trading platforms, public networks, and crypto wallets, they also incurred substantial financial losses.
Crypto mixing platforms, such as Tornado Cash and eXch, have become the focal point of increased user attention and are widely used for questionable transactions.
Phishing scams carried out by groups such as Pink Drainer, Vemon Drainer, Monkey Drainer, Pussy Drainer, and Inferno Drainer continue to pose a serious threat to the blockchain community.
Ransomware attacks are actively evolving. Wrongdoers managed to extort nearly $450 million, which is more than one and a half times higher than the previous year. This growth indicates more aggressive tactics and ambitious goals of criminals.
Fraud and hacks remain among the most profitable forms of cryptocurrency crime.
Damages in fake identity fraud schemes have increased by almost 50% compared to the previous year. Swindlers posing as government officials continue to take significant amounts of money from their victims.
An important feature of the current threat landscape is the growing geopolitical motives behind cryptocurrency crime. Groups from North Korea continue to serve as an incubator for hacking activities and remain one of the largest active threats in the cybercrime landscape.
Hacker groups associated with North Korea are increasingly using Russian exchanges known for laundering illegal crypto assets. This year, the volume of stolen cryptocurrencies linked to North Korean hacker groups, such as the Lazarus Group, exceeded $340 million.
North Korean groups accounted for almost 30% of all cryptocurrencies stolen in hacking attacks this year. Despite the decrease in numbers, Chainalysis analysts caution that this does not necessarily indicate an overall improvement in cryptocurrency security or a reduction in cybercrime.
In the second half of this year, the number of cryptocurrency hacks increased by almost 60% compared to the same period last year. As a result of these incidents, nearly $686 million was lost. An incident of particular significance was the hack of Mixin, which occurred on September 25, 2023, during which the perpetrators made off with approximately $200 million.
In ten incidents in the first half of 2023, stolen funds were successfully recovered. Out of the stolen $232 million, an impressive sum of $219 million was returned. This trend underscores the importance of robust security strategies, collaboration in incident investigations, effective negotiations, and rewards.
Chainalysis analysts also highlight local positive changes in cryptocurrency transactions. In mid-2023, there was a 65% decrease in the volume of illicit transactions compared to the previous year.
Despite a temporary decrease in cryptocurrency crime activity due to seasonal fluctuations in blockchain activity and heightened security measures, the overall trend of security incidents continues to rise. The evolution of the blockchain ecosystem each year brings forth new challenges, prompting us to take security matters even more seriously.