2025 Mid-year Blockchain Security and AML Report
Contents
Table of Contents
I. Introduction
2
II. Blockchain Security Trends
2
2.1 Overview of Blockchain Security Incidents
2
2.2 Fraud Tactics
4
2.2.1 Phishing Using EIP-7702
4
2.2.2 Deepfakes
7
2.2.3 Telegram Fake Safeguard Scam
11
2.2.4 Malicious Browser Extensions
15
2.2.5 LinkedIn Recruitment Phishing
21
2.2.6 Social Engineering Attacks
25
2.2.7 Backdoor Supply Chain Attacks via Low-Cost AI Tools
29
2.2.8 Unrestricted Large Language Models (LLMs)
31
III. Anti-Money Laundering Landscape
34
3.1 Global Regulatory Developments
34
3.1.1 Asia
34
3.1.2 Europe
38
3.1.3 North America
39
3.1.4 Latin America
40
3.1.5 Middle East
41
3.2 Frozen & Recovered Funds
42
3.3 Threat Actor Developments
44
3.3.1 Lazarus Group
44
3.3.2 Drainers
56
3.3.3 HuionePay
60
3.4 Mixing Services
69
3.4.1 Tornado Cash
69
3.4.2 eXch
70
IV. Summary
74
V. Disclaimer
74
VI. About Us
75
1
I. Introduction
In the first half of 2025, the blockchain industry continued its rapid development while grappling
with increasingly complex security threats and compliance challenges. On the one hand, hacker
attacks remained highly active. APT groups demonstrated more modular and systematic attack
techniques, while phishing and social engineering attacks became rampant, leading to significant
asset losses and a growing crisis of user trust. On the other hand, the global regulatory landscape
evolved rapidly, with governments and international organizations …
I. Introduction
2
II. Blockchain Security Trends
2
2.1 Overview of Blockchain Security Incidents
2
2.2 Fraud Tactics
4
2.2.1 Phishing Using EIP-7702
4
2.2.2 Deepfakes
7
2.2.3 Telegram Fake Safeguard Scam
11
2.2.4 Malicious Browser Extensions
15
2.2.5 LinkedIn Recruitment Phishing
21
2.2.6 Social Engineering Attacks
25
2.2.7 Backdoor Supply Chain Attacks via Low-Cost AI Tools
29
2.2.8 Unrestricted Large Language Models (LLMs)
31
III. Anti-Money Laundering Landscape
34
3.1 Global Regulatory Developments
34
3.1.1 Asia
34
3.1.2 Europe
38
3.1.3 North America
39
3.1.4 Latin America
40
3.1.5 Middle East
41
3.2 Frozen & Recovered Funds
42
3.3 Threat Actor Developments
44
3.3.1 Lazarus Group
44
3.3.2 Drainers
56
3.3.3 HuionePay
60
3.4 Mixing Services
69
3.4.1 Tornado Cash
69
3.4.2 eXch
70
IV. Summary
74
V. Disclaimer
74
VI. About Us
75
1
I. Introduction
In the first half of 2025, the blockchain industry continued its rapid development while grappling
with increasingly complex security threats and compliance challenges. On the one hand, hacker
attacks remained highly active. APT groups demonstrated more modular and systematic attack
techniques, while phishing and social engineering attacks became rampant, leading to significant
asset losses and a growing crisis of user trust. On the other hand, the global regulatory landscape
evolved rapidly, with governments and international organizations …