2023 Blockchain Security and Anti-Money Laundering Annual Report

Crypto News 2024-04-22 11:05:34



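SlowMist has released the 2023 Blockchain Security and Anti-Money Laundering Annual Report. We hope this report gives readers useful information, helps practitioners and users gain a fuller understanding of the current state of blockchain security and the available solutions, and contributes to a more secure blockchain ecosystem.

Due to space limits, only the key points of the report are listed here; the full report can be downloaded as a PDF at the end of the article.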


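2023 was both an exciting and a turbulent year for the blockchain industry. Against this backdrop, this report reviews the key regulatory and compliance policies and developments in the blockchain industry in 2023, summarizes the year's blockchain security incidents and anti-money laundering landscape, presents statistics on selected money laundering tools, analyzes typical security incidents and typical phishing scam techniques in detail, and proposes prevention measures and recommendations. In addition, we invited the Web3 anti-scam platform Scam Sniffer to write the section on the phishing groups known as Wallet Drainers, and we analyzed and compiled statistics on the money laundering techniques and proceeds of the hacker group Lazarus Group.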


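According to the SlowMist blockchain hacked-incident archive (SlowMist Hacked), there were 464 security incidents in 2023, with losses of USD 2.486 billion. Compared with 2022 (303 incidents, losses of about USD 3.777 billion), losses fell 34.2% year over year.

  • Overview of blockchain security incidents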

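By project sector, DeFi remains the most frequently attacked area. There were 282 DeFi security incidents in 2023, accounting for 60.77% of all incidents, with losses of USD 773 million. Compared with 2022 (183 incidents, losses of about USD 2.075 billion), losses fell 62.73% year over year.

(Distribution of security incidents and losses by sector, 2023)

(Comparison of DeFi security incident distribution and losses, 2022 vs. 2023)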

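By ecosystem, Ethereum suffered the highest losses, at USD 487 million, followed by Polygon at USD 123 million.

(Distribution of security incidents and losses by ecosystem, 2023)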

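By cause, rug pulls were the most common, with 117 incidents and losses of about USD 83 million, followed by security incidents caused by compromised accounts.

(Security incident attack methods, 2023)

  • Typical attack incidents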

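This section covers the ten security incidents with the largest losses in 2023. See the PDF at the end of the article for details.

(Top 10 security attack incidents by loss, 2023)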

  • Rug Pull

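According to the SlowMist blockchain hacked-incident archive (SlowMist Hacked), there were 117 Rug Pull incidents in 2023, causing losses of about USD 83 million. The Base ecosystem suffered the highest losses, at USD 32.5 million, followed by the BSC ecosystem at USD 23.05 million.

(Top ten Rug Pull incidents by loss, 2023)

(Distribution of Rug Pull incidents and losses by ecosystem, 2023)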

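A Rug Pull is a scam in which the project team itself usually acts maliciously, and it can take several forms. For example, the team seeds initial liquidity, pushes the price up, and then withdraws the liquidity. Or the team creates a crypto project, attracts investment from crypto users through marketing, then at an opportune moment makes off with the invested funds without warning, dumps the crypto assets, and disappears. Or the team launches a website and shuts it down after attracting hundreds of thousands in deposits. Or the team leaves backdoor code in the project. Whatever the form, every type of Rug Pull leaves investors with losses.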

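This section also presents an extremely stealthy Rug Pull case rooted in contract storage: although the project token had no record of any additional minting, a malicious user drained the funds in the pool using a large quantity of additionally minted tokens that had never been recorded.

  • Fraud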

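In recent years the cryptocurrency market has become fertile ground for fraud. Scammers commonly operate by impersonating celebrities with fake accounts, running romance "pig-butchering" scams, promoting fake trading platforms, and running Ponzi schemes, and as technology advances they also use artificial intelligence software to make their scams more convincing. This section covers a cryptocurrency scam that took place mainly in Hong Kong: the JPEX incident. According to some accounts, the collapse of JPEX may become the largest financial fraud case in Hong Kong's history.

(JPEX incident timeline)

  • Phishing and scam techniques

This section covers some of the phishing and scam techniques we disclosed in 2023: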

1. WalletConnect phishing risk

2. Permit signature phishing

3. Fake Skype app phishing

5. Targeted Telegram fraud attacks

6. Create2 phishing risk (https://drops.scamsniffer.io/post/wallet-drainers-starts-using-create2-bypass-wallet-security-alert)

7. SIM swap attacks



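  • AML and regulatory developments

The cryptocurrency world remained turbulent throughout 2023. During the previous crypto bull market, every move by the two industry giants SBF and CZ seemed capable of having a far-reaching effect on the market. In November, however, a federal jury found SBF guilty on fraud and conspiracy charges arising from the collapse of FTX. Just a few weeks later, Binance accepted the charges against it and paid a USD 4.3 billion fine, and CZ agreed to give up control of Binance. As the crypto-asset industry swung between a stormy "winter" and a bear market, governments and international organizations took a more cautious stance, and national regulatory policies on cryptocurrency are still taking shape. See the PDF at the end of the article for specific policies and enforcement actions.

  • AML in security incidents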


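With strong support from partners in the InMist intelligence network, in 2023 SlowMist helped clients, partners, and victims of publicly reported hacks freeze funds totaling more than USD 12.5 million.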


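In 2023 there were 31 incidents in which the lost funds were fully or partially recovered after the attack. Across these 31 incidents, about USD 384 million was stolen in total, of which USD 297 million was returned, or 77% of the stolen funds. In 10 of these 31 incidents, the protocol's funds were returned in full.

(Incidents in 2023 in which all stolen funds were recovered)

  • Hacker group profiles and developments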

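1. The hacker group Lazarus Group

Based on public information from 2023, as of June no major cryptocurrency theft had been attributed to the North Korean hacker group Lazarus Group. On-chain activity shows that Lazarus Group was mainly laundering cryptocurrency stolen in 2022, including about USD 100 million lost in the attack on the Harmony cross-chain bridge on June 23, 2022. Beyond laundering the funds stolen in 2022, the group was not idle the rest of the time: it lay low and quietly carried out APT-related attack activity. That activity led directly to the cryptocurrency industry's "Dark 101 Days," which began on June 3.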

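During the "Dark 101 Days," 5 platforms were robbed, with more than USD 300 million stolen; most of the victims were centralized service platforms.

According to our analysis, Lazarus Group's money laundering methods also keep evolving, with new methods appearing at intervals. The timeline of these changes is in the PDF at the end of the article.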

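2. The phishing groups known as Wallet Drainers

Note: this subsection was written by Scam Sniffer, to whom we express our thanks.

Wallet Drainers, a type of cryptocurrency-related malware, achieved notable "success" over the past year. This software is deployed on phishing websites to trick users into signing malicious transactions and then steal the assets in their cryptocurrency wallets. These phishing campaigns keep targeting ordinary users in many forms, and many people have suffered heavy financial losses after unknowingly signing malicious transactions. Over the past year, Scam Sniffer observed these Wallet Drainers stealing nearly USD 295 million in assets from about 320,000 victims.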

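Notably, nearly USD 7 million was stolen on March 11 alone. Most of it resulted from the USDC exchange-rate fluctuation, with victims landing on phishing sites impersonating Circle. A large number of thefts also occurred around March 24, when Arbitrum's Discord was hacked, and around the subsequent airdrop.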


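After ZachXBT exposed Monkey Drainer, the group announced its exit after 6 months of activity, and Venom then took over most of its customers. MS, Inferno, Angel, and Pink all appeared around March as well. After Venom ceased service around April, most phishing groups switched to other services. At a 20% Drainer fee, they made at least USD 47 million by selling their services.

  • Money laundering tools

1. Sinbad mixer

2. Tornado Cash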




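This report summarizes the key regulatory and compliance policies and developments in the blockchain industry in 2023, including but not limited to regulatory attitudes toward cryptocurrency worldwide and a series of key policy changes. We also summarize the year's blockchain security incidents and anti-money laundering developments, analyze selected money laundering tools, explain typical security incidents and phishing scams, and propose corresponding prevention and response measures. We hope this report gives readers valuable information, helps them gain a fuller understanding of the state of security and anti-money laundering in the blockchain industry, benefits every participant in the industry, and contributes to the development of a secure blockchain ecosystem.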


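This report is based on our understanding of the blockchain industry and on data from the SlowMist blockchain hacked-incident archive SlowMist Hacked and the anti-money laundering tracking system MistTrack. Because of the "anonymous" nature of blockchain, however, we cannot guarantee the absolute accuracy of all data, nor can we accept responsibility for errors, omissions, or losses arising from the use of this report. This report also does not constitute investment advice or a basis for any other analysis. If you find omissions or shortcomings in this report, your criticism and corrections are welcome.

That concludes this guide. You are welcome to read and share the full version :)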

