Panoramic scanning 2019 blockchain security incident: digital assets were stolen and the project party ran away.
Original: PAData PANews

Editor | Zhou Wenyi Source | PANews
Data and Analysis Support | Chengdu Chain Security
PAData Insight:
This year, blockchain security incidents have occurred more than 10,000 times, and the cumulative global losses have exceeded 6 billion US dollars.
Among digital asset crimes, the United States accounts for 28%, which is the largest in the world, Europe accounts for 24% and China accounts for 18%.
This year, there have been more than 28 exchange security incidents, of which more than 7 have been stolen from exchange digital assets.
More than 100 smart contract vulnerabilities have accumulated losses of more than 10 million US dollars, of which EOS DApp attacks have exceeded 60 at most, accounting for 67%.
There were more than 7 wallet security incidents in the whole year, with losses exceeding 100 million RMB.
Digital currency, which has the largest traffic of bitcoin in the dark network this year, has a total transaction value of about $1.035 billion.
This year’s cyber blackmail attacks caused losses of up to $1.5 billion, up 20% year-on-year, and various fraud crimes are still rampant.
Security has always been a hot issue in the industry. According to Chengdu Chain Security Report, in 2019, blockchain security problems caused by blockchain digital assets showed an overall upward trend, and security incidents caused by various reasons also increased significantly. There were various crimes in digital currency, including money laundering, fraud, theft, drug trafficking and mining crimes. Due to the poor security of digital currency trading platform and the complex data structure and algorithm, the work efficiency is low, especially the irregular operation behavior, which hinders the development of digital currency.
In security incidents, the project party runs away and involves the most funds.
The United States became the hardest hit area for digital asset crimes in 2019.
According to Chengdu Lian ‘an statistics, in 2019, the United States accounted for 28% of digital asset crimes, with Europe accounting for 24%, followed by China accounting for 18%. According to statistics, from January 2019 to mid-December 2019, there were more than 10,000 hacking incidents of digital assets around the world, and there were as many as 2,000 criminal cases related to digital assets in China.

In 2019, criminal means emerged in an endless stream, ransomware and money-plate running patterns were newly turned over, criminal gangs came from a wide range, and the number of criminal cases and the total amount involved in criminal activities showed an increasing trend.

In 2019, the types of global digital asset crimes include hacking, money-raising, money laundering, and illegal transactions in secret networks, with a total loss of more than 6 billion US dollars. The amount involved in cyber crimes and secret network transactions is roughly the same, and the amount involved in the project’s road running is more than twice that of the first two, of which the loss caused by system loopholes exceeds 1 billion US dollars.
In terms of hacker attacks, assets are stolen mainly for five reasons, namely, exchange loopholes, smart contract loopholes, wallet loopholes, public chain loopholes and improper use by users.

In 2019, there were more than 28 exchange security incidents.
More than 70% of digital assets were stolen.
In 2019, there were more than 28 exchange security incidents, among which more than 70% became the theft of exchange digital assets. From January, the Cryptopia exchange was hacked twice, and the stolen ETH and ERC20 currency tokens lost more than 16 million US dollars. On November 27th, 340,000 ETH was stolen from South Korea’s Upbit exchange, with an estimated loss of more than 49 million US dollars. The rest included the escape of the exchange, information leakage of the exchange and other asset losses, with a total loss of more than $1.3 billion.

On the morning of May 8, 2019, the official of Qian ‘an issued a notice saying that "large-scale security vulnerabilities" were found in the system. Hackers used composite technologies, including phishing and viruses, and stole 7,000 bitcoins from Qian ‘an Hot Wallet at a block height of 575,012. Causing the exchange to lose $41 million.
On November 27, 2019, the UpBit security system of the Korean exchange was destroyed and 34,200 ethereal coins were stolen. Causing the exchange to lose more than 50 million US dollars.

More than 100 smart contract vulnerabilities have accumulated losses of more than 10 million US dollars.
There are more than 60 EOS DApp attacks, accounting for 67%.
In 2019, the number of DApp continued to increase. According to statistics, as of the beginning of December, the total number of DApp currently running on public chains such as ETH, EOS and Wave Field exceeded 3,000, and there were more than 100 smart contract vulnerabilities this year, most of which were hacked in EOS DApp. Up to now, the total loss of DApp was over 10 million US dollars.
There are over 60 typical attacks on EOS public chain this year, and the concentrated outbreak period is from January to April, accounting for 67% of the attacks in the whole year. The main reason is the continuous popularity of spinach applications on EOS public chain and the weak security of project contract code, which leads hackers to continuously attack the same vulnerability on multiple DApp. The main methods are transaction blocking, rollback transaction attack, fake EOS attack, random number cracking and so on.
There have been nearly 20 typical attacks on the TRON public chain this year, mainly in April, May and July, with small-scale attacks as the main method and rollback transactions as the main method.
There has been no serious DApp attack on the ETH public chain this year. First, the number of spinach quiz contracts on the ETH public chain is small, and the popularity is not enough. Second, the ETH smart contract project is relatively perfect in terms of security.


There were more than seven wallet security incidents in 2019.
June is the high incidence period of wallet security incidents.
Due to the low entry threshold and poor security, in the absence of supervision, wallet security problems have broken out repeatedly, and it is easy to break out with huge sums of money. At present, there are many hidden dangers in wallet security, including the forgery of wallet APP, the failure to detect weak password in transaction password, the failure to reinforce the core code, the failure to detect the running environment of the system, and the existence of screen capture and recording records in operation.
Since at the beginning of June this year, the wallet GateHub broke out that it had been stolen by more than 23 million XRP, and there were more than 7 wallet security incidents in the whole year, with a loss of over 100 million RMB.

On October 11th, the cryptocurrency wallet ZenGoCEO Ouriel Ohayon tweeted that Safuwallet, a web cryptocurrency wallet, had been stolen by hackers by injecting malicious code.
From August to September, the bitcoin wallet Electrum was attacked by hackers twice. According to many statistics, the phishing attack that forged Electrum upgrade tips has stolen at least 1,450 BTCs, worth 11.6 million US dollars.

There have been more than 8 public chain safety incidents.
More than half of them are 51% attacks, and small and medium-sized public chains are even more threatened.
In 2019, there were more than 8 attacks on public chains, more than half of which were 51% attacks, which reduced the frequency of attacks compared with 2018, resulting in less losses.

Among the public chain attacks, on January 5th, ETC was attacked by 51% for many times, and 80,000 ETCs were used for double flowers. On August 9, hackers launched a "dust attack" on Litecoin, and the affected addresses reached 294,582. At present, it is almost impossible for large enough public chains such as BTC and ETH to be attacked by 51%. All non-large public chains and some small public chain currencies should be careful of the threat from 51% attacks.

When dealing with 51% attacks, we should try our best to keep the computing power scattered. Overconcentrated computing power is the direct cause of 51% attacks. On the basis of Satoshi Nakamoto’s consensus, 51% attacks theoretically exist forever. We should set up a sound early warning mechanism for risk control and adopt a good defense mechanism for exchanges. In case of 51% attacks, we can increase the number of block confirmations, suspend the withdrawal of money, freeze suspicious accounts and other measures to avoid losses in time.
In 2019, the overall safety awareness of users increased.
Improper use by individual users causes asset losses.
In 2019, the overall users’ security awareness increased, and some users still suffered asset losses due to improper operation of wallet private keys and access to phishing websites.

In 2019, Bitcoin became the digital currency with the most traffic in the dark network.
The total transaction value in the whole year was about $1.035 billion.
In 2019, the dark net is still an illegal place for cyber crimes, trading by taking advantage of digital currency’s anonymity to avoid supervision. In the whole year, 1.035 billion dollars worth of bitcoin has been used for illegal activities. The largest category of bitcoin traded in the dark net is drugs, and bitcoin is also the most popular digital currency, followed by Litecoin.
There are many kinds of illegal goods sold in the dark net, mainly involving data, information, illegal software, arms, drugs, etc., and criminals choose digital currency as the trading currency, for example:

In 2019, more than $5 billion in money laundering cases were investigated.
Among them, Bitcoin is the preferred money laundering tool.
In the money laundering cases investigated in 2019, more than 5 billion US dollars were conducted through cryptocurrency, among which Bitcoin was the first choice for criminals to launder money. Digital currency has become an important tool for criminals to launder money around the world. At present, there are 100-200 gambling sites companies in the world that can use digital currency to pay for gambling. Criminals open accounts on these websites, then transfer funds into accounts, engage in some small-scale gambling, and some even do not gamble, and then withdraw money to a new address to achieve the purpose of money laundering.

In 2019, cyberblackmail attacks caused at most $1.5 billion in losses.
All kinds of fraud crimes are still rampant.
Cybercrime includes fraud, extortion, and the destruction of related blockchain service providers. Criminals take advantage of the anonymity of Bitcoin, choose Bitcoin as ransom more frequently, and conduct extortion activities through ransomware or some other illegal means.
In 2019, the cyber extortion attacks caused a loss of $500-150 million to the world, which was 20% higher than last year. The criminal activities of extorting and extorting digital currency have been continuous, even increasing. In addition, this year is still a year of rampant fraud crimes, and all kinds of online fraud incidents still account for a large proportion of online criminal activities. Typical cases are as follows:

The project party’s running involves more than 25 billion yuan.
Plustoken wallet running event involves 20 billion yuan.
In 2019, among the many events of capital plates, pyramid schemes, wallets and exchanges, the most notable event was the incident of Plustoken wallet running on June 29th. On that day, many users reported that Plustoken wallet could not be withdrawn, and the project party of Plustoken wallet was suspected of running, and the amount involved may exceed 20 billion yuan. As of the beginning of December, the blockchain project that ran this year involved more than 25 billion yuan.

The difficulty of mining increases and the income decreases.
Malicious illegal mining indirectly causes social losses.
Power consumption is the main cost of mining, and it is also the key to determine the benefits of mining. With the increasing difficulty of mining, the benefits of normal mining have become lower and lower, and many people have played the wrong idea of illegal mining. Illegal means of mining-Mining Trojans get rewards from digital currency system by completing a large number of calculations. Mining Trojans and worms will occupy a lot of CPU and GPU resources of the computer in the process of calculation, which will cause the computer to become abnormally slow, interfere with the normal system operation, and spread at a high speed, causing great impact and loss to government agencies and enterprise services.

More than 5 typical information leakage incidents in the whole year.
User’s personal data has great hidden dangers due to centralized operation mode.
In mid-2019, a total of more than five typical information leakage incidents were reported. Because many exchanges and wallets are still centralized, it is inevitable to store users’ personal data. Once attacked, hackers may obtain a large number of user data, and sell data through dark networks and other means to obtain huge profits.

Summary and suggestions
Digital currency is widely used for handling fake passports, providing pornographic services, transferring illegal assets, buying and selling drugs and underground arms, which will disrupt social order, pose a threat to the stable development of society, and will also affect the development of enterprises operating normally in the industry, which is undoubtedly extremely harmful to the whole digital currency industry, the financial industry and the whole society.
From the system architecture, related enterprises and professional blockchain security research should organize cooperation to find and fix system vulnerabilities in time to avoid serious large-scale fund theft. Managers of enterprise websites and server resources should deploy enterprise-level network security protection systems to prevent enterprise servers from being invaded and installed with mining viruses and from being infringed by blackmail viruses.
For netizens who participate in digital virtual currency trading, they should fully understand the possible risks and use security software on the computer and mobile phone to avoid falling into the phishing trap and avoiding the theft of digital virtual currency wallets.
For ordinary netizens, computer poisoning should be prevented from becoming a controlled "miner", and game plug-ins, cracking software and video website client cracking tools should be used cautiously, which are more likely to be artificially implanted with malicious programs. For virtual currency, we should guard against speculation.
Original title: "Panoramic scanning 2019 security incident: 28 exchange cases involving $1.3 billion, and the project party ran away with $25 billion"
Read the original text