Source: Beosin
It's time for the monthly security roundup again! According to Beosin Alert, a blockchain security audit company, losses from security incidents in May 2024 increased significantly compared with April. More than 28 typical security incidents occurred in May 2024, and the total loss caused by hacker attacks, phishing scams and Rug Pulls reached US$454 million, an increase of about 349% from April. Of this, losses from attacks were about US$355 million, an increase of about 574%; losses from phishing scams were about US$97.4 million, an increase of about 754%; and losses from Rug Pulls were about US$2.04 million, a decrease of about 94.5%.
The biggest security incident this month was the loss of about US$300 million in Bitcoin by the Japanese crypto exchange DMM Bitcoin. In addition, there were two hacker attacks with losses of more than US$10 million: the game platform Gala Games lost US$22.5 million due to a private key leak, and Sonne Finance lost US$20 million due to a contract vulnerability. Phishing scams increased significantly this month, with several causing losses of more than $1 million each, including one address poisoning scam with a loss of $72 million. Crypto crime cases continued to increase this month, with multiple crimes involving more than $100 million.
Hacker attacks
A total of 12 typical security incidents occurred
No.1 On May 5, GNUS on the Fantom chain was attacked, resulting in a loss of approximately $1.27 million.
No.2 On May 9, the Blast ecosystem Bloom project was attacked, resulting in a loss of approximately $540,000. 90% of the stolen funds have been recovered (minus 10% of the bug bounty).
No.3 On May 10, the Web3 game project Galaxy Fox was attacked, resulting in a loss of approximately $300,000.
No.4 On May 10, the Base ecosystem Tsuru was attacked, resulting in a loss of approximately $410,000.
No.5 On May 14, the Arbitrum chain DEX project Predy Finance was attacked and lost about $460,000.
No.6 On May 15, Bitcoin DeFi tool Alex Lab lost a total of about $6.3 million on Stacks and BSC chains due to the theft of private keys.
No.7 On May 15, the Compound fork project Sonne Finance on the Optimism chain was attacked due to a contract vulnerability, with a loss of $20 million.
No.8 On May 16, the Solana ecosystem project pump.fun was attacked and lost about $1.9 million. Afterwards, a former employee of the project openly admitted the theft on Twitter.
No.9 On May 20, the Web3 game platform Gala Games was hacked, and the hacker minted 5 billion GALA tokens. The attacker has returned ETH worth about $22.5 million.
No.10 On May 21, the TON ecosystem Launchpad platform TonUP was attacked because engineers had misconfigured script parameters, resulting in a loss of approximately $107,000.
No.11 On May 26, the Base ecosystem Meme coin Normie was attacked, resulting in a loss of approximately $490,000.
No.12 On May 31, the Japanese crypto exchange DMM Bitcoin was attacked, resulting in a loss of up to $300 million. About 4,502 BTC were dispersed across 10 addresses.
Phishing/Rug Pull
A total of 6 typical security incidents occurred
No.1 On May 3, a whale address fell victim to an address poisoning scam, resulting in a loss of $72 million.
No.2 On May 14, the fake Pii Park project on the Polygon chain carried out a Rug Pull, and the deployer made a profit of about $490,000.
No.3 On May 14, a certain address starting with 0xff49 was phished by Pink Drainer, with a loss of about $1.66 million.
No.4 On May 16, a certain address starting with 0x719e was phished, with a loss of about $1.25 million.
No.5 On May 18, a certain address starting with 0xee6a was phished, losing Pendle yield tokens worth about $5.6 million.
No.6 On May 26, a certain address starting with 0x2154 was phished, with a loss of about $6.9 million.
Crypto crime
A total of 10 typical security incidents occurred
No.1 On May 2, the US FBI uncovered a Ponzi scheme that used crypto investment as bait, involving $43 million.
No.2 On May 10, the Jilin police uncovered a case of illegal operation of underground banks using virtual currency, involving an amount of about 2.14 billion yuan.
No.3 On May 14, Alexey Pertsev, one of the developers of Tornado Cash's currency mixing service, was convicted of money laundering and sentenced to 64 months in prison in the Netherlands.
No.4 On May 15, the Chengdu Public Security Bureau cracked a large underground bank case using USDT as a medium, involving up to 13.8 billion yuan.
No.5 On May 15, the Canadian "King of Cryptocurrency" and his accomplices were arrested and accused of defrauding investors of $30 million through cryptocurrency and foreign exchange investment plans.
No.6 On May 17, the U.S. Department of Justice arrested two Chinese nationals for allegedly leading a money laundering scheme related to an international cryptocurrency investment scam, with an amount of at least $73 million.
No.7 On May 21, U.S. authorities arrested and charged a Taiwanese man with operating a dark web drug trading market, allegedly using the website to sell more than $100 million worth of illegal narcotics, including fentanyl, in cryptocurrency.
No.8 On May 24, Jian Wen, a Chinese-British woman, was sentenced to 6 years and 8 months in prison by a British court for assisting in the UK's 61,000 Bitcoin money laundering case (Tianjin Lantian Ge Rui's 43 billion yuan illegal fundraising case).
No.9 On May 26, the former president of Heartland Tri-State Bank in the United States pleaded guilty to embezzling $47.1 million and causing the bank to collapse. The embezzled funds were transferred to cryptocurrency accounts.
No.10 On May 31, Turkey detained 127 people suspected of "international fraud through a Ponzi scheme", which allegedly stole more than $1 billion in the past few years.
Regulation, compliance, and policy
No.1 On May 7, Emilio B. Aquino, chairman of the Philippine Securities and Exchange Commission (SEC), said that the commission plans to launch a regulatory framework for crypto assets and their transactions in the second half of this year. Cryptocurrency exchanges targeting Filipinos must obtain the necessary licenses required by Republic Act No. 8799 before commencing operations.
No.2 On May 22, the U.S. House of Representatives passed a bill by 279 votes to 136 to create a new legal framework for digital currency - the 21st Century Financial Innovation and Technology Act (FIT21), which aims to clarify the regulatory responsibilities of the U.S. SEC and CFTC for digital assets.
No.3 On May 28, the South African Financial Intelligence Centre (FIC) proposed a directive on the transfer of crypto assets. The directive follows the South African Financial Sector Conduct Authority's licensing of 75 crypto asset service providers (CASPs). FIC aims to tighten regulation by requiring CASPs to implement more detailed and stricter requirements for digital transactions.
No.4 On May 29, Canada is expected to adopt the International Crypto Asset Reporting Framework (CARF) for taxation by 2026, which will impose new reporting requirements on crypto asset service providers (CASPs), such as cryptocurrency exchanges, crypto asset brokers and dealers, and crypto asset ATM operators, whether individuals or corporate entities.
No.5 On May 31, the Acting Financial Secretary of the Hong Kong Special Administrative Region Government, Michael Wong Wai-lun, delivered a keynote speech at the 2024 Caixin Summer Summit, saying that Hong Kong will continue to fully promote financial innovation, with key areas including DeFi (decentralized finance) and virtual assets related to financial technology, green finance, and Web3 (third-generation Internet).
In view of the current situation in blockchain security, Beosin summarizes as follows:
Overall, the amount of losses from various blockchain security incidents increased in May 2024. This month's attacks involved many chain platforms, including Ethereum, BNB Chain, Blast, Fantom, Stacks, Optimism, Arbitrum, Solana, TON, Base, etc., indicating that hackers are looking for opportunities on different chains. All project teams and users are advised to improve their security awareness. Phishing scams increased significantly this month. Users are advised to store private keys securely, carefully verify signature information, and carefully check that addresses are correct before transferring funds.