Panoramic scan security incidents in 2019: 28 exchange cases involving 1.3 billion U.S. dollars

Editing | Wenyi Zhou | PANews

Data and Analysis Support | Chengdu Chain Security

PAData Insight:

1. This year, the total number of blockchain security incidents has exceeded 10,000, and the cumulative global loss has exceeded US $ 6 billion.

2. Of the digital asset crime cases, the United States accounts for 28% of the world's largest, Europe accounts for 24%, and China accounts for 18%.

3. This year, there were more than 28 exchange security incidents, more than 7 of which were the theft of digital assets of exchanges.

4. Over one hundred smart contract vulnerabilities have accumulated losses of more than 10 million U.S. dollars, of which EOS DApp attack incidents have exceeded 60 cases at most, accounting for 67%.

5. There were more than 7 wallet security incidents throughout the year, with losses exceeding 100 million RMB.

6. This year, Bitcoin has become the digital currency with the most traffic on the dark web, with a total transaction value of approximately 1.035 billion US dollars.

7. This year's cyber ransomware attack caused a loss of up to 1.5 billion US dollars, up 20% year-on-year, and various types of fraud and crime are still rampant.

Security issues have always been a hot issue in the industry. According to the Chengdu Chain Security Report, in 2019, blockchain security issues based on blockchain digital assets are generally on the rise, and security events caused by various reasons have also increased significantly. Digital currencies There are various crimes, and money laundering, fraud, theft, drug trafficking, and mining crimes are frequent. Due to the poor security of digital currency trading platforms, the complexity of data structures and algorithms results in low work efficiency, and especially various irregular operation behaviors, which have hindered the development of digital currencies.

In the security incident, the project party ran the road involving the most funds

U.S. becomes the hardest hit area for digital asset crime in 2019

According to Chengdu Chainan statistics, in 2019, digital assets crime cases in the United States accounted for 28% of the world's largest, Europe accounted for 24%, and then China accounted for 18%. According to statistics, from January 2019 to mid-December 2019, there were over 10,000 digital asset hacking incidents worldwide, and as many as 2,000 criminal cases related to digital assets occurred in China.

In 2019, criminal methods have emerged endlessly, ransomware and fund running patterns have been changed, criminal gangs have a wide range of sources, and the number of crime cases and the total amount of criminal activities are increasing.

The types of global digital asset crime cases in 2019 include hacking, coin theft, fraud, illegal fundraising, money laundering, and illegal transactions on the dark web, with a total loss of more than US $ 6 billion. The amount of cyber crime and dark web transactions is roughly the same. The amount of such cases is more than double the former two, and the loss caused to the blockchain by system vulnerabilities exceeds 1 billion US dollars.

In terms of hacking, assets are stolen mainly due to 5 reasons: exchange vulnerabilities, smart contract vulnerabilities, wallet vulnerabilities, public chain vulnerabilities, and improper use by users.

Accumulated more than 28 exchange security incidents in 2019

More than 70% are digital asset theft incidents

In 2019, there were more than 28 exchange security incidents, of which more than 7 became the exchange digital asset theft incidents. Since January, the Cryptopia exchange has been hacked twice, and the stolen ETH and ERC20 currency tokens have lost more than 1600. Ten thousand US dollars, and then stolen 340,000 ETH on the South Korean Upbit exchange on November 27, with an estimated loss of more than 49 million US dollars. The rest included the exchange run, exchange information leaks, and other asset loss incidents, totaling more than $ 1.3 billion in losses.

On the morning of May 8, 2019, Binance officially issued an announcement stating that "large-scale security vulnerabilities" were found in the system. Hackers used composite technologies, including phishing, viruses, and other attack methods, to withdraw coins at a block height of 575012. 7,000 bitcoins were stolen from An An wallet. As a result, the exchange lost 41 million U.S. dollars.

On November 27, 2019, the South Korean exchange's UpBit security system was breached and 34,200 Ethereum were stolen. As a result, the exchange lost more than $ 50 million.

Cumulative losses of more than 100 smart contract vulnerabilities

More than 60 EOS DApp attacks, accounting for 67%

The number of DApps continues to increase in 2019. According to statistics, as of early December, the total number of DApps currently running on public chains such as ETH, EOS, and TRON exceeded 3,000. There have been more than 100 smart contract vulnerabilities this year, and most of them were hacked. EOS DApp. So far, the total loss of DApp hacked has exceeded 10 million US dollars.

A total of over 60 typical attack events occurred on the EOS public chain this year. The concentrated outbreak period from January to April accounted for 67% of the year ’s attack events, mainly due to the continued popularity of spinach applications on the EOS public chain, coupled with the project contract code Weak security has led hackers to conduct continuous attacks on the same vulnerability on multiple DApps. The main methods are transaction blocking, rollback transaction attacks, fake EOS attacks, random number cracking, etc.

A total of nearly 20 typical attack events occurred on the TRON public chain this year, mainly in April, May, and July, with small-scale attacks as the main method and rollback transactions as the main method.

The ETH public chain did not have a serious DApp attack this year. The first is because the number of spinach quiz contracts on the ETH public chain is small and the heat is not enough. The second is because the ETH smart contract project parties have done better in security.

More than 7 wallet security incidents in 2019

June is the high incidence period of wallet security incidents

Due to the low barriers to entry and poor security, in the absence of supervision, wallet security issues have repeatedly erupted, and it is very easy for outbreaks of wallets to carry huge amounts of money. At present, there are multiple security risks in the wallet, including wallet APP forgery vulnerabilities, weak passwords not detected in transaction passwords, unreinforced core code, no system operating environment detected, and screenshots and screen recordings of operations.

Since the wallet GateHub broke in early June this year, more than 23 million XRP have been stolen. There have been more than 7 wallet security incidents throughout the year, with losses exceeding 100 million yuan.

On October 11, the cryptocurrency wallet ZenGoCEO Ouriel Ohayon tweeted that the web cryptocurrency wallet Safuwallet was stolen by a hacker by injecting malicious code.

From August to September, the Bitcoin wallet Electrum was hacked twice by hackers. According to various statistics, at least 1,450 BTCs have been stolen from counterfeit Electrum upgrade tips, valued at $ 11.6 million.

Accumulated more than 8 public chain security incidents

More than half are 51% attacks, and small and medium-sized public chains are more threatened

A total of more than 8 public chain attacks occurred in 2019, more than half of which were 51% attacks. Compared to 2018, the frequency of attacks was reduced, causing less losses.

In the public chain attack event, on January 5th, Ethereum Classic (ETC) was repeatedly attacked by 51%, and 80,000 ETC were used for double spending. On August 9, hackers launched a "dust attack" on Litecoin, affecting 294,582 addresses. At present, except for sufficiently large public chains such as BTC and ETH, it is almost impossible to suffer a 51% attack. All non-large public chains and some small public chain currencies should be careful of the threat from 51% attacks.

When dealing with 51% attacks, you should try to keep the computing power scattered as much as possible. The excessively concentrated computing power is the direct cause of 51% attacks. Based on Satoshi ’s consensus, 51% attacks are theoretically permanent and have a well-established wind. Controlling the early warning mechanism, the exchange adopts a good defense mechanism, and can increase block confirmations, suspend deposits and withdrawals, and freeze suspicious accounts to avoid losses in a timely manner when it encounters 51% attacks.

Overall users' security awareness rises in 2019

Loss of assets caused by improper use by individual users

In 2019, the overall user's security awareness increased, and there were still individual users who lost assets due to improper use of wallet private keys and access to phishing websites.

Bitcoin becomes the most digital currency with dark web traffic in 2019

The total value of transactions for the year is approximately $ 1.035 billion

In 2019, the dark web is still an illegal place for cyber crimes. Using the anonymity of digital currencies to conduct transactions and evade supervision, Bitcoins worth US $ 1.035 billion have been used for illegal activities throughout the year. The largest category is pharmaceuticals. Bitcoin is also the most popular digital currency, followed by Litecoin.

There are a variety of illegal goods sold on the dark web, mainly involving data, information, illegal software, arms, drugs, etc. Criminals choose digital currencies as transaction currencies, such as:

More than $ 5 billion in money laundering cases investigated and handled in 2019

Among them Bitcoin is the preferred money laundering tool

Over 5 billion U.S. dollars in money laundering cases that have been investigated and dealt with in 2019 have been conducted through cryptocurrencies, of which Bitcoin is the first choice for criminals to launder money. Digital currency has become an important tool for money laundering by criminals around the world. At present, there are 100-200 gambling sites around the world that can use digital currency to make gambling payments. Criminals open accounts on these websites, and then transfer funds into the account to conduct some small gambling, and some do not even gamble, and then withdraw money to a new address to achieve money laundering purposes.

Cyber ​​ransomware attacks cost up to $ 1.5 billion in 2019

Various types of fraud crimes are still rampant

Cybercrimes include fraud, extortion, and the disruption of related blockchain service application providers. Criminals use the anonymity of bitcoin, more often choose bitcoin as a ransom, and use blackmail or some other illegal means to blackmail Extortion.

In 2019, cyber ransomware attacks caused global losses of USD 500-1.5 billion, an increase of 20% compared to last year. The criminal activities of extorting digital currencies have continued, even increased. In addition, this year is still a year of various types of fraud and crimes, and various types of cyber frauds still account for a large proportion of cyber crimes. The more typical cases are as follows:

The project party runs over 25 billion yuan in funds

Plustoken wallet running incident involves 20 billion yuan

Among the many fund, MLM, wallet, and exchange run events in 2019, the most notable event was the Plustoken wallet run event on June 29. Many users reported that the Plustoken wallet could no longer be withdrawn, and the project of the Plustoken wallet. Fang was suspected to be on the road, and the amount involved may exceed 20 billion yuan. As of the beginning of December, this year's blockchain project parties involved in this year involved more than 25 billion yuan in funds.

Mining difficulty increases and returns decrease

Malicious illegal mining indirectly causes social loss

Electricity consumption is the main cost of mining, and it is also the key to determining mining profits. As the difficulty of mining increases, the income from mining by normal means has become lower and lower, and many people have started the illegal mining. idea. Illegal mining method-The mining Trojan obtains the reward of the digital currency system by completing a large number of calculations. The mining Trojan and worm will occupy a lot of CPU and GPU resources of the computer during the calculation process, causing the computer to become abnormally slow. It interferes with the operation of normal systems, and the speed of transmission and the large amount of infection bring great impact and loss to government agencies and business services.

Over 5 more typical information leakage events throughout the year

Huge hidden dangers in user personal data due to centralized operation

In 2019, there were more than 5 more typical information leakage incidents. Since many exchanges and wallets are still centralized operations, users' personal data will inevitably be stored. Once attacked, hackers may obtain A large amount of user data, and sell the data through the dark web and other methods to obtain huge profits.

Summary and suggestions

Digital currency is used for a large number of transactions such as fake passports, providing pornographic services, transferring illegal assets, buying and selling drugs and underground arms, which will disrupt social order, pose a threat to the stable development of society, and affect the development of enterprises operating in the industry. It is undoubtedly extremely harmful to the entire digital currency industry, to the financial industry, and to the entire society.

From the perspective of system architecture, related enterprises and professional blockchain security research should organize cooperation to find and repair system vulnerabilities in time to avoid serious large-scale capital theft incidents. Managers of corporate website and server resources should deploy an enterprise-level network security protection system to prevent corporate servers from being invaded and installing mining viruses, and to prevent ransomware attacks.

For netizens participating in digital virtual currency transactions, they should fully understand the possible risks, use security software on computer and mobile phones, avoid falling into phishing traps, and avoid theft of digital virtual currency wallets.

For ordinary netizens, computer poisoning should be prevented from becoming a "miner" under control, and game plug-ins, cracking software, and video website client cracking tools should be used with caution. These softwares are more likely to be maliciously implanted with malicious programs. For virtual currencies, beware of speculation.