- SlowMist assisted in freezing $20.66 million in stolen funds across 13 platforms in Q2 2024.
- Private key leaks, often due to improper storage in cloud services, were a major theft cause in Q2 2024.
- Phishing attacks exploiting fake Twitter accounts and comments under popular tweets were prevalent in Q2 2024.
Blockchain security firm SlowMist released its Q2 2024 analysis, detailing trends in cryptocurrency theft. The firm received 467 stolen fund reports, with 146 from international sources and 321 domestic. Based solely on form submissions, SlowMist’s team provided free assessments for victims.
In Q2 2024, SlowMist’s efforts led to the freezing of approximately $20.66 million in stolen funds across 13 platforms, assisting 18 victims. The primary causes of these thefts were private key leaks and phishing attacks.
Private key leaks proved a major vulnerability, with users often storing their keys or mnemonic phrases on cloud services like Google Docs and Tencent Docs, or even sharing them via messaging apps like WeChat. Hackers exploited these practices, using “credential stuffing” techniques to gain access to cloud services with leaked credentials, thus easily stealing crypto information.
Phishing attacks also contributed to numerous thefts in Q2 2024. Scammers posed as customer service agents to trick victims into revealing their mnemonic phrases, or used phishing links on platforms like Discord to obtain private key information. Fake wallets presented another threat, with users unknowingly downloading malicious wallet apps through search engine ads or third-party sites.
Analysis revealed that roughly 80% of the first comments under tweets from prominent project accounts were phishing scams. Scammers purchased Twitter accounts with established follower counts and post histories to appear legitimate, then posted phishing links to deceive users.
Honeypot scams were also prevalent in Q2 2024, luring investors with attractive prospects but preventing them from selling their purchased tokens. Many honeypot incidents occurred on the Binance Smart Chain (BSC), where scammers created tokens with fake trading activity to simulate widespread participation.
SlowMist continues to offer free community assistance services for evaluating stolen cryptocurrency cases. With extensive experience in anti-money laundering and comprehensive investigation tools, the firm aims to enhance digital asset security and foster a healthier cryptocurrency ecosystem.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.