|
According to the monitoring data from Beosin KYT Anti-Money Laundering Analysis Platform, in February 2024, the losses from various security incidents significantly increased compared to January. There were more than 19 typical security incidents in February, resulting in a total loss of $422 million due to hacker attacks, phishing scams, and Rug Pull, marking a approximately 102% increase from January. Among these, the losses from attack incidents were about $347 million, an increase of around 110%; phishing scam incidents accounted for approximately $16.08 million, showing a decrease of about 52%; and Rug Pull incidents amounted to approximately $59.38 million, with an increase of about 440%.
The largest attack incident this month was the breach of the cryptographic gaming platform PlayDapp due to private key leakage, resulting in a loss of $290 million, making it the highest-loss security incident this year. Other incidents with losses exceeding tens of millions of dollars included the attack on the centralized exchange FixedFloat, resulting in a loss of $26.1 million in Bitcoin and Ethereum, and the personal address of Jihoz.ron, co-founder of Axie Infinity, suffering a loss of about $10 million due to private key leakage. Additionally, Hong Kong exchange Bitforex experienced a suspected Rug Pull, with an abnormal outflow of $56.5 million from the hot wallet.
In terms of regulatory compliance policies, there are also some new developments. Let's take a look together.
**Hacker Attacks:**
- There were 9 typical security incidents, including attacks on PlayDapp, FixedFloat, Blueberry Protocol, and Shido.
**Phishing Scams/Rug Pull:**
- 7 typical security incidents, involving phishing attacks on addresses starting with 0xe726, 0x8366, Bitforex, and others.
**Cryptocurrency Crimes:**
- 3 typical security incidents, including arrests related to the Haru Invest platform in South Korea, imprisonment of the CEO of Bitsonic, and the dismantling of the LockBit criminal organization by the UK National Crime Agency.
**Regulatory Compliance Policies:**
- Hong Kong's Securities and Futures Commission announced that virtual asset trading platforms operating in Hong Kong must submit license applications by February 29, 2024, or cease operations in Hong Kong by May 31, 2024.
- Spain's Ministry of Finance is seeking control and supervision of taxpayers' cryptocurrency assets, proposing reforms to allow the confiscation of cryptocurrency by the tax authority Agencia Tributaria.
- Hong Kong Monetary Authority issued a circular on the sale and distribution of tokenized products, outlining regulatory standards for recognized institutions selling and distributing tokenized products.
- The U.S. Securities and Exchange Commission (SEC) sought public opinion on the possibility of introducing Bitcoin spot ETF options trading.
In summary, the total losses from various blockchain security incidents in February 2024 continued to increase significantly. Private key leaks accounted for about 90% of the total attack losses ($312 million), emphasizing the importance of private key security. It is recommended that project teams implement comprehensive private key management measures, enhance employee security awareness training, and exercise caution in using third-party password management tools. With several phishing incidents exceeding a million dollars this month, users are advised to remain vigilant, avoid clicking on unfamiliar links, and carefully inspect signature content. |
|