SlowMist: 410 security incidents occurred in the encryption field in 2024, with losses reaching US$2.013 billion, a year-on-year decrease of 19.02%

Security agency SlowMist recently released the "2024 Blockchain Security and Anti-Money Laundering Annual Report", which pointed out: According to the SlowMist Hacked Archive, there were 410 security incidents in 2024, with losses of up to $2.013 billion. Compared with 2023 (464 incidents in total, losses of approximately $2.486 billion), the losses decreased by 19.02% year-on-year. DeFi is still the most frequently attacked area. In 2024, there were 339 DeFi security incidents, accounting for 82.68% of the total number of security incidents, with losses of up to $1.029 billion, compared with 2023 (282 incidents in total, losses of approximately $773 million), losses increased by 33.12% year-on-year. From an ecological perspective, Ethereum had the highest loss, reaching $465 million. BSC was second, reaching $87.35 million. From the perspective of the causes of the incidents, the most security incidents were caused by contract vulnerabilities, reaching 99, resulting in a loss of approximately US$214 million. The second most common security incident was caused by hacked accounts. The top 10 security attack incidents and the amounts involved in 2024 include: DMM Bitcoin ($305 million), PlayDapp ($290 million), WazirX ($230 million), BtcTurk ($90 million), Munchables ($62.5 million), Radiant Capital ($50 million), BingX ($45 million), Hedgey Finance ($44.7 million), Penpie ($27.35 million), and FixedFloat ($26.1 million). There were 58 Rug Pull incidents in 2024, resulting in a loss of approximately US$106 million. Among them, the ZKSync ecosystem suffered the highest loss, reaching US$36.95 million, and the BSC ecosystem had the most runaway incidents, reaching 28. In 2024, wallet phishing attacks caused losses of approximately $494 million, a year-on-year increase of 67%. Although the number of victims increased by only 3.7% (reaching 332,000 addresses), the loss of a single attack increased significantly, with the largest single theft amount reaching $55.48 million. In addition, according to statistics, the attack activities throughout the year were divided into three stages: the first quarter had the heaviest losses, reaching $187 million and 175,000 victims. The highest loss was $75 million in March. The losses in the second and third quarters totaled $257 million, and the number of victims dropped to 90,000. In the fourth quarter, the losses dropped to $51 million and the number of victims dropped to 30,000, indicating improved security. There were 30 cases of more than $1 million throughout the year, with a total loss of $171 million, an average loss of $5.7 million per victim, and the largest single theft of $55.48 million. The report also provides a detailed introduction to specific fraud methods, anti-money laundering and regulatory trends; according to statistics, among the 410 security incidents, there were 24 incidents in which the lost funds were fully or partially recovered after the attack. According to the disclosed data, a total of approximately US$166 million was returned, accounting for 8.25% of the total security losses (approximately US$2.013 billion).