Summary of blockchain security incidents in 2019, global loss exceeds $ 6 billion

table of Contents:

I. Introduction

Active status of mainstream digital assets in 2019

Summary and analysis of digital asset crime incidents in 2019

(I) Hacking to steal digital assets

1.Exchange loopholes

2. Smart contract vulnerabilities

3.Wallet vulnerabilities

4.Public chain vulnerabilities

5. Improper use by users

(II) Illegal transactions on the dark web using digital assets

(3) Using digital assets to launder money

(IV) Cybercrime

(5) Funds, MLM, Ponzi scheme and project party run

(6) Malicious mining

(VII) Information leakage

Dangers of criminal activities on digital assets

V. Digital Asset Crime Emergency Response Plan and Summary

I. Introduction

With the rapid development of modern information technology and applications, digital assets, a form of currency based on computer information technology, came into being. Its traceability, anti-counterfeiting, and anti-tampering features have improved transaction security.In 2019, it has become a hot topic in the industry and has developed rapidly.

Judging from the development status of the world's digital asset market, there are more than 1,500 digital currencies in the world, but at present, digital currencies still have problems of unclear legal status and insufficient supervision. As a result, criminals use the anonymity of digital currency to evade supervision, conduct speculation, illegal fundraising and other activities, which seriously threatens the value storage function of digital currency.

In the development of digital currency in 2019, more and more problems are faced, the security of digital currency trading platforms is poor, the complexity of data structures and algorithms leads to low work efficiency, and especially various irregular operation behaviors, which have affected the development of digital currency. Hinder.

In 2019, blockchain-based security issues based on blockchain-based digital assets are generally on the rise, and security incidents caused by various reasons have also increased significantly. Digital currency crimes are numerous, and cases such as money laundering, fraud, theft, drug trafficking, and mining crimes Frequent.

Active status of mainstream digital assets in 2019

In October 2008, Satoshi Nakamoto published a paper entitled "Bitcoin: A Peer-to-Peer Electronic Cash System", explaining the theoretical framework of the Bitcoin electronic cash system based on blockchain technology.

As of January 2009, the first block containing 50 Bitcoins was officially born. Its decentralization, openness, autonomy, anonymity, and tamper-resistance attracted wide public attention immediately, and its development momentum was rapid. Its ecosystem has extended to the Internet of Things, cloud computing, big data, artificial intelligence and other fields, and its application scenarios also include financial, investment, and regulatory agencies, which has triggered a new round of technological innovation and industrial change. In the financial field, blockchain has become a financial technology hotspot in 2019, and the financial technology engine has promoted the rapid development of cryptocurrencies such as Bitcoin.

According to statistics from 2019, there are more than 1,800 illegal cryptocurrencies in the world, more than 9,600 trading markets, and a market value of up to 820 billion U.S. dollars, which shows the rapid development of its market.

According to the relevant data on the chain, we conducted statistics. As of December 20, 2019, the supply, transaction share, circulation and market value of the top ten mainstream coins are as follows:

(Data from: BLOCKCHAIR)


Summary and analysis of digital asset crime incidents in 2019


Technology is a double-edged sword, both good and bad, and digital assets are no exception. The characteristics and shortcomings of the technology, coupled with the lag and inadequacy of supervision, financial risks follow, security issues are constantly exposed, and financial cases come on schedule. Digital assets have become an important tool for economic crimes involving public money, such as money laundering, terrorist financing, financial fraud, and illegal fund-raising, and various digital currency illegal crime cases have intensified.

Among the digital asset crime cases in 2019, the United States accounts for 28% of the world's largest, Europe accounts for 24%, and China accounts for 18%. According to statistics, from January 2019 to mid-December 2019, there were over 10,000 digital asset hacking incidents worldwide, and as many as 2,000 criminal cases related to digital assets occurred in China.

The types of global digital asset crime cases in 2019 include hacking, coin theft, fraud, illegal fundraising, money laundering, and illegal transactions on the dark web, with a total loss of more than US $ 6 billion. The amount of cyber crime and dark web transactions is roughly the same. The amount of such cases is more than double the former two, and the loss caused to the blockchain by system vulnerabilities exceeds 1 billion US dollars.

The cases of illegal crimes of digital assets not only never stop, but also the emergence of endless criminal means in 2019. Ransomware and the pattern of running funds are reinvented. Criminal gangs come from a wide range. The number of criminal cases and the total amount of criminal activities are increasing.


(I) Hacking to steal digital assets

1.Exchange loopholes

In the past year, there have been numerous security incidents on the exchange. From January to January, the Cryptopia exchange was hacked twice. The stolen ETH and ERC20 currency tokens lost more than 16 million U.S. dollars. Theft of 340,000 ETH and an estimated loss of more than $ 49 million.

In 2019, there were a total of more than 28 exchange security incidents, of which more than 7 became the exchange's digital asset theft incidents, and the rest included exchange runaways, exchange information leaks, and other asset loss incidents, totaling more than $ 1.3 billion in losses.

Typical Case:

· On March 24, 2019, the DragonEx platform wallet was hacked, resulting in the theft of digital assets of users and the platform. Statistics show that the DragonEx exchange lost a total of $ 6,028,283 in digital assets.

· On the morning of May 8, 2019, Binance officially issued an announcement stating that "large-scale security vulnerabilities" were found in the system. Hackers used composite technologies, including phishing, viruses, and other attack methods, at block height 575012. 7,000 Bitcoins were stolen from Binance Hot Wallet. As a result, the exchange lost 41 million U.S. dollars.

· On November 27, 2019, the South Korean exchange's UpBit security system was compromised and 34,200 Ethereum were stolen. As a result, the exchange lost more than $ 50 million.

To address the issue of vulnerabilities in exchanges, we recommend:

(1) The exchange must pay enough attention to the system security system, not only to have a reasonable security architecture, but also to conduct an overall security test of the system. It is necessary to conduct self-inspection of security vulnerabilities already reported by security companies in a timely manner to avoid being Same attack.

(2) The exchange shall establish a complete emergency control plan for the risk control. No matter how mature the exchange may be, the exchange may be used by hackers to find exploitable vulnerabilities. Therefore, in the exchange system, unexpected events cause transaction anomalies and funds are lost. In the event of theft, a sound emergency response mechanism and compensation mechanism are particularly important. For example, risk funds are used to respond to security incidents, or user funds are insured to hedge the impact of data leakage or theft of coins on user funds.

(3) When it is difficult for the exchange project party to implement a comprehensive security system architecture for its own exchange system, it is necessary to consider using third-party security products or cooperating with security companies to jointly build an exchange's secure trading environment and risk control emergency handling mechanism. .

2. Smart contract vulnerabilities

The number of DApps continues to increase in 2019. According to statistics, as of early December, the total number of DApps currently running on public chains such as ETH, EOS, and TRON exceeded 3,000. There have been more than 100 smart contract vulnerabilities this year, and most of them were hacked. EOS DApp. So far, the total loss of DApp hacked has exceeded 10 million US dollars.

A total of over 60 typical attack events occurred on the EOS public chain this year. The concentrated outbreak period from January to April accounted for 67% of the year ’s attack events, mainly due to the continued popularity of spinach applications on the EOS public chain, coupled with the project contract code Weak security has led hackers to conduct continuous attacks on the same vulnerability on multiple DApps. The main methods are transaction blocking, rollback transaction attacks, fake EOS attacks, random number cracking, etc.

A total of nearly 20 typical attack events occurred on the TRON public chain this year, mainly in April, May, and July, with small-scale attacks as the main method and rollback transactions as the main method.

The ETH public chain did not have a serious DApp attack this year. The first is because the number of spinach quiz contracts on the ETH public chain is small and the heat is not enough. The second is because the ETH smart contract project parties have done better in security.

Typical Case:

At 00:17 am on April 11, 2019, hackers starting with TCX1Cay created a large number of fake BTTx coins, and transferred a total of 40 million BTTx tokens to multiple addresses between 00:25 and 01:00, and The fake BTTx was shuffled into real BTT, and the BTTBank game contract starting with TXHFhq was attacked, with a total loss of 180 million BTT.

· On July 23, 2019, from 18:49 to 22:24, the hacker launched a continuous attack on the TronChip, a Tron guessing game, and made a total of 61,867 TRX. The reason for this attack was that the game contract was cracked by random numbers.

· On September 14, 2019, the DICE game in EOS DApp EOSPlay suffered a new type of random number attack, with a loss of up to tens of thousands of EOS. The attacker (account: muma ** mm) used the flaw of the economic model in EOS during this attack and used a new type of random number attack to attack the project party.

To address the issue of smart contract vulnerabilities, we recommend:

(1) Game contract developers should pay attention to the rigor of game logic and code security.

(2) Open up the contract code as soon as possible, so that more professionals and technical teams can participate in it, analyze and sort out accidents that are prone to occur, and improve the security and functional accuracy of contract writing to prevent problems before they occur.

(3) The project party should conduct smart contract security audits and strengthen risk control strategies in all aspects. If necessary, it can contact a third-party professional audit team to perform a complete code security audit before going online.

3.Wallet vulnerabilities

In the past year, the security of the wallet has never stopped. Similar to the exchange, the barriers to entry are low and the security is poor. In the absence of supervision, it is very easy to erupt wallet incidents with huge amounts of money.

The wallet itself also has many security risks, which are vulnerable to hacking attacks, including the existence of wallet APP forgery loopholes, weak passwords not detected in transaction passwords, unreinforced core code, no system operating environment detected, and screenshots and screen recording operations. Since the wallet GateHub broke in early June, more than 23 million XRP have been stolen. There have been more than 7 wallet security incidents throughout the year, with losses exceeding 100 million yuan.

Typical Case:

GateHub is a wallet and gateway for secure storage / processing of XRP. Starting with the first victim stolen 10,000 XRP, by June 2019, more than 23 million XRP have been stolen by more than 80-90 users. . Among them, more than 13 million XRP have been laundered through exchanges or money laundering services.

· On October 11, the cryptocurrency wallet ZenGo CEO Ouriel Ohayon tweeted that Safuwallet, a web-based cryptocurrency wallet, was stolen by a hacker by injecting malicious code.

· From August to September, the Bitcoin wallet Electrum was hacked twice by hackers. According to various statistics, at least 1,450 BTCs have been stolen from counterfeit Electrum upgrade tips, valued at $ 11.6 million.

For the vulnerability of the wallet, we recommend:

(1) Digital currency wallet service providers should strengthen the security audit of wallets on the one hand, and conduct a series of audits including domain name system security checks, host instance security checks, and server-side application security checks, while monitoring private keys. , Mnemonics, transaction processes, and data storage security.

(2) For users who often use online wallets, set different passwords on different platforms and enable secondary authentication. Secondly, it is recommended that individual investors with large asset holdings should use cold wallets with hot wallets. The specific use needs are allocated using hot and cold wallets, so that hot and cold are separated in order to isolate risks.

4.Public chain vulnerabilities

A total of more than 8 public chain attacks occurred in 2019, more than half of which were 51% attacks. Compared to 2018, the frequency of attacks was reduced, causing less losses.

Typical Case:

· On January 5, Ethereum Classic (ETC) was repeatedly attacked by 51%, and 80,000 ETC were used for double spending.

· On August 9, hackers launched a "dust attack" on Litecoin, affecting 294,582 addresses.

At present, except for sufficiently large public chains such as BTC and ETH, it is almost impossible to suffer a 51% attack. All non-large public chains and some small public chain currencies should be careful of the threat from 51% attacks.

When dealing with 51% attacks, you should try to keep the computing power scattered as much as possible. The excessively concentrated computing power is the direct cause of 51% attacks. Based on Satoshi ’s consensus, 51% attacks are theoretically permanent and have a well-established wind Controlling the early warning mechanism, the exchange adopts a good defense mechanism, and can increase block confirmations, suspend deposits and withdrawals, and freeze suspicious accounts to avoid losses in a timely manner when it encounters 51% attacks.

5. Improper use by users

In 2019, the overall user's security awareness increased, and there were still individual users who lost assets due to improper use of wallet private keys and access to phishing websites.

(II) Illegal transactions on the dark web using digital assets

In 2019, the dark web is still an illegal place for cyber crimes. Using the anonymity of digital currencies to conduct transactions and evade supervision, Bitcoins worth US $ 1.035 billion have been used for illegal activities throughout the year. The largest category is pharmaceuticals. Bitcoin is also the most popular digital currency, followed by Litecoin.

The dark web is full of illegal activities such as arms, drugs, pornography and fraud, which have been threatening the security of society, enterprises and the country. There are a variety of illegal goods sold on the dark web, mainly involving data, information, illegal software, arms, drugs, etc. Criminals choose digital currencies as transaction currencies, such as:

1. User data leaks, peddling on the dark web

2. Forged and sold credit card ID cards

3.Visa sales

4.Anonymous bank account and credit card account sales

5. Malware trafficking

6. The sale of arms ID fake ID cards

7. Drug dealing

(3) Using digital assets to launder money

Because digital currency is a dark line that is outside the existing monetary system, it has its own system. Its special attributes make digital currency transactions extremely simple, and it is possible to transfer funds with the network. It is also difficult to track if there are illegal operations. This gives Criminal activities use new channels of funds transfer to hide stolen money.

Compared with other financial instruments, digital currencies are more convenient for money launderers. They no longer need to find someone to use dirty money to buy gold, buy physical goods and then sell them for money. Over 5 billion U.S. dollars in money laundering cases that have been investigated and dealt with in 2019 have been conducted through cryptocurrencies, of which Bitcoin is the first choice for criminals to launder money. The more typical cases of money laundering are as follows:

In addition, virtual digital currency gambling can also realize money laundering, because gambling sites do not need to obtain real name authentication, so it is difficult for law enforcement agencies to know who actually withdraws digital currency from the account of the gambling site. There are now 100-200 gambling sites around the world that can use digital currencies to make gambling payments. Criminals open accounts on these websites, and then transfer funds into the account to conduct some small gambling, and some do not even gamble, and then withdraw money to a new address to achieve money laundering purposes.

Digital currency has become an important tool for money laundering by criminals around the world. For law enforcement agencies, it is becoming increasingly difficult to find money laundering behaviors and track the source and destination of funds.

(IV) Cybercrime

Cybercrimes include fraud, extortion, and the disruption of related blockchain service application providers. Criminals use the anonymity of bitcoin, more often choose bitcoin as a ransom, and use blackmail or some other illegal means to blackmail. Extortion.

In 2019, cyber ransomware attacks caused global losses of 500 million to 1.5 billion US dollars, an increase of 20% compared to last year. The criminal activities of extortion of digital currencies have continued, and even have

The typical cases are as follows:

It is not difficult to see that this year is still a year of various types of fraud and criminal incidents. Various types of cyber fraud incidents still account for a large proportion of cybercrime activities. When we are conducting financial management on the Internet financial platform, we are facing a huge temptation. Don't trust the so-called "inside information".

(5) Funds, MLM, Ponzi scheme and project party run

Criminals may use digital currency as a payment tool for illegal fundraising or fundraising fraud. They use investment funds to issue digital currencies, develop bitcoin's underlying technology applications, and use digital currency “moving bricks” to arbitrage under the guise of funds, pyramid schemes, Ponzi Scams and other operating models conduct illegal fundraising or fundraising fraud. Once the "time" arrives or a problem occurs, the gang runs directly.

Among the many fund, MLM, wallet, and exchange run events in 2019, the most notable event was the Plustoken wallet run event on June 29. Many users reported that the Plustoken wallet could no longer be withdrawn, and the project of the Plustoken wallet. Fang was suspected to be on the road, and the amount involved may exceed 20 billion yuan. As of the beginning of December, this year's blockchain project parties involved in this year involved more than 25 billion yuan in funds.

(6) Malicious mining

Electricity consumption is the main cost of mining, and it is also the key to determining mining profits. As the difficulty of mining increases, the income from mining by normal means has become lower and lower, and many people have started the illegal mining. idea.

The mining Trojan obtains the rewards of the digital currency system by completing a large number of calculations. During the calculation process, the mining Trojan and worm will consume a large amount of CPU and GPU resources of the computer, causing the computer to become abnormally slow, although it will not poison the computer. It will bring direct loss, but it will interfere with the normal system operation, and the speed of transmission and the large amount of infection will bring great impact and loss to government agencies and business services.

We recommend that users avoid using weak passwords and passwords that are not reused; close unnecessary ports and upgrade system firmware; update important patches in time and uninstall software from unknown sources; increase security awareness, do not click and browse some high-risk pages, and be careful Open files, emails, links, etc. of unknown origin.

(VII) Information leakage

In 2019, a total of more than 5 more typical information leakage incidents were reported.Although blockchain technology can get rid of the control of big data information by centralized institutions to a certain extent and ensure the transmission of personal privacy data through encryption, at present, Many exchanges and wallets still operate in a centralized manner. It is inevitable that users' personal data will be stored. Once attacked, hackers may obtain a large amount of user data and sell the data through dark web and other methods to obtain huge profits.

Dangers of criminal activities on digital assets


Due to the low threshold of digital asset criminal activity and the extremely convenient use of digital assets for fund transfer, digital asset crime is becoming part of traditional crime. Many traditional criminal organizations have used digital currency that is not limited to Bitcoin to support their business. This trend will continue in 2020.

According to relevant information, some criminal organizations are introducing digital asset experts to provide them with advice on combining digital currency with fraud, money laundering and illegal gambling activities, and even some criminal groups are taking over the work of exchanges and bitcoin mines for clean funds. origin of.

The harm of digital asset crime cases will be huge.

Cases often spread very widely. Once a case occurs, it can quickly spread to all countries in the world. The impact is extremely bad. Not only will it cause heavy losses to consumers around the world, but it will also severely disrupt and disrupt financial markets. The money laundering, illegal fund raising, and terrorist financing described in this article will also endanger social stability, disrupt social order, and have a bad impact on world peace and stability.

Specifically, criminals using digital currencies to commit crimes will suffer different degrees of losses for regular enterprises and ordinary users in the digital currency industry.

For businesses:

For enterprises, due to the huge amount of funds held by digital currency exchanges, wallet providers, and public chains, which involve a very wide range of users, and related trading institutions have insufficient experience in network security and protection of investor assets, often they are The primary goal of hacking.

Hackers use their own loopholes to attack the platform through various attack methods. The stolen digital currency is generally a huge amount. For most platforms, it can be said that it is a serious trauma. Some exchanges have been hacked and their assets are almost Stolen air, followed by the inability to operate normally and eventually collapse, may also affect the stability of financial markets.

For ordinary users:

For ordinary users, the attack software used by criminals may also invade ordinary users' computers and mobile phones. Not only digital currencies will be lost, but also legal currencies and private information may be stolen.

Criminals use digital currencies to conduct dark-net transactions, making harmful items such as drugs easier to circulate, personal security may also be threatened, and personal privacy information is at risk of being sold on the dark-net at any time. However, due to the lack of restrictions on the trading of cryptocurrencies, if you do not understand the industry and have insufficient knowledge reserves, you can easily be manipulated and used by speculators, cheated by criminals, and caught in the scam of illegal financing, illegal fundraising, and extortion.

Hundreds of MLM coins have appeared in the world in 2019, and the victims of these MLM coins have suffered heavy losses. Many people have lost their homes overnight, and many of the victims ’family happiness has also been adversely affected. This has proven to be such a hazard And losses are unbearable for ordinary investors.

Overall, the impact of the illegal crime of digital currencies on the industry is extremely bad:

1. At present, private digital currency or quasi-digital currency has developed into an "unstable force" in the socio-economic system.

Some criminals use digital currency as cover to carry out illegal fund-raising and fraud activities, create "MLM coins", and maliciously speculate on the price of digital currencies. This has led to a large number of digital currency innovations, and the huge scale of private digital currency transactions and the rapid price surge have damaged the market stability.

2. Digital currency has now become a part of the financial industry. The skyrocketing price of digital currency will also push up the amount involved, which will increase losses. And because digital currency is issued through the Internet, once illegal crimes occur, they can be quickly sent to countries around the world. The spread will cause harm to the whole world and will undoubtedly have a negative impact on the financial industry and disrupt the normal financial order.

3. Some serious illegal crime cases may also cause market panic, increase the seller's market, cause the price of digital currencies to fall, and squeeze the market bubble.

4. Digital currency is used for a large number of transactions such as fake passports, providing pornographic services, transferring illegal assets, buying and selling drugs and underground arms, which will disrupt social order, pose a threat to the stable development of the society, and affect the regular operations of the industry. It is undoubtedly extremely harmful to the entire digital currency industry, to the financial industry, and to the entire society.  


V. Digital Asset Crime Emergency Response Plan and Summary


With the continuous development of the blockchain, there will be endless security incidents. Behind us we can't see the world of blockchain is constantly performing a shocking security offensive and defensive battle. How to effectively protect the security of the entire ecosystem of the blockchain under the current era of the blockchain has always been the direction that the industry and practitioners should think and work hard. We call for suggestions:

(I) Attention to Blockchain Security

On the eighteenth collective study of the Political Bureau of the Central Committee, General Secretary Xi specifically emphasized that "the promotion of the orderly development of blockchain security", and the increased emphasis on blockchain security issues at the national level will also inspire the general public. Concerned about the security issues of the blockchain.

(2) It is necessary to build China's "independent innovation blockchain security technology and guarantee system"

In order to further implement the important instructions of the Political Bureau of the Central Committee, security companies will serve as the backbone of the blockchain security field. It is necessary to build a "independent innovation and independent controllable" blockchain security technology and security system in China to enhance the blockchain. Self-security capabilities to prevent major losses from being attacked.

(3) Security risks facing the current blockchain industry

The current blockchain industry is still facing a large number of security risks, such as social security issues such as money laundering, extortion, and dark network transactions caused by companies' neglect to build security defenses and digital asset security loopholes. Strengthening security supervision and establishing a solid security defense line are important tasks for the current development of blockchain.

(IV) The entire industry needs positive guidance

If blockchain technology is to better serve our real economy, it must be used "right." We must make good use of blockchain technology and make full use of it, rather than just abuse it. This requires blockchain practitioners to develop a positive industry attitude from their own, and jointly promote the healthy development of the blockchain industry.

(V) The role of blockchain security companies

In the face of current asset theft incidents caused by blockchain system security vulnerabilities, and the use of digital assets to commit crimes, pyramid schemes, and other illegal activities, blockchain security companies need to go all out and take responsibility. Contribute more to the healthy development of the industry. On the one hand, it assists relevant companies to do a good job in security protection, improve security protection capabilities, and reduce security losses; on the other hand, it continues to vigorously assist government regulators in conducting investigations and evidence collection to effectively strengthen security supervision Mostly, they give a positive voice to the development of the industry, take the lead in establishing orderly industry norms, and promote the construction of safety standards.