2022 Blockchain Security and AML Analysis Annual Report
Contents
0
Table of Contents
I. Background
2
1.1 Blockchain Security
3
1.2 Blockchain Anti-Money Laundering
5
II. Current State of Blockchain Security
14
2.1 Overview of Blockchain Security
14
2.1.1 BlockChains
14
2.1.2 DeFi / Cross-Chain Bridges
14
2.1.3 NFT
17
2.1.4 Wallets / Exchanges
17
2.1.5 Others
20
2.2 Attack Methods
22
2.3 Phishing/Scam Methods
24
2.3.1 Use of Malicious browser Bookmark to steal Discord Token
24
2.3.2 “Zero Dollar Purchase” NFT Phishing
26
2.3.3 Redline Stealer Trojan Horse Currency Theft
27
2.3.4 “Blank Check” eth_sign Phishing
28
2.3.5 Same Ending Number + TransferFrom Zero Transfer Scam
29
2.4 Top 10 Security Incident Losses
31
2.4.1 Ronin Network Losses Exceed $610 Million
31
2.4.2 BNBChain Vulnerability Exploit
32
2.4.3 Wormhole’s Loses Over $300 Million
32
2.4.4 Beanstalk Farms Attacked by Flash Loans and Proposals
33
2.4.5 Wintermute Loses $160 million
33
2.4.6 Nomad Bridge Hacked
33
2.4.7 Elrond Suffers Security Breach
34
1
2.4.8 Mango Extracts $100 Million for Price Fixing
34
2.4.9 Harmony Loses Over $100 Million
34
2.4.10 Qubit Losses $80 Million in Attack
35
III. AML Analysis of Top 10 Security Incidents
35
3.1 Tools & Methods
35
3.1.1 Basic Tools - MistTrack
36
3.1.2 Expanded Methodology - Data Analysis
38
3.2 Detailed AML Analysis
41
3.2.1 Ronin Network
41
3.2.2 Wormhole
47
3.2.3 Beanstalk Farms
48
3.2.4 Harmony
50
IV. …
Table of Contents
I. Background
2
1.1 Blockchain Security
3
1.2 Blockchain Anti-Money Laundering
5
II. Current State of Blockchain Security
14
2.1 Overview of Blockchain Security
14
2.1.1 BlockChains
14
2.1.2 DeFi / Cross-Chain Bridges
14
2.1.3 NFT
17
2.1.4 Wallets / Exchanges
17
2.1.5 Others
20
2.2 Attack Methods
22
2.3 Phishing/Scam Methods
24
2.3.1 Use of Malicious browser Bookmark to steal Discord Token
24
2.3.2 “Zero Dollar Purchase” NFT Phishing
26
2.3.3 Redline Stealer Trojan Horse Currency Theft
27
2.3.4 “Blank Check” eth_sign Phishing
28
2.3.5 Same Ending Number + TransferFrom Zero Transfer Scam
29
2.4 Top 10 Security Incident Losses
31
2.4.1 Ronin Network Losses Exceed $610 Million
31
2.4.2 BNBChain Vulnerability Exploit
32
2.4.3 Wormhole’s Loses Over $300 Million
32
2.4.4 Beanstalk Farms Attacked by Flash Loans and Proposals
33
2.4.5 Wintermute Loses $160 million
33
2.4.6 Nomad Bridge Hacked
33
2.4.7 Elrond Suffers Security Breach
34
1
2.4.8 Mango Extracts $100 Million for Price Fixing
34
2.4.9 Harmony Loses Over $100 Million
34
2.4.10 Qubit Losses $80 Million in Attack
35
III. AML Analysis of Top 10 Security Incidents
35
3.1 Tools & Methods
35
3.1.1 Basic Tools - MistTrack
36
3.1.2 Expanded Methodology - Data Analysis
38
3.2 Detailed AML Analysis
41
3.2.1 Ronin Network
41
3.2.2 Wormhole
47
3.2.3 Beanstalk Farms
48
3.2.4 Harmony
50
IV. …