
May Security and Regulatory Report: Total Losses Reach $183 Million
TechFlow Selected TechFlow Selected

May Security and Regulatory Report: Total Losses Reach $183 Million
In June 2024, there were over 18 notable security incidents, resulting in total losses of $183 million due to hacker attacks, phishing scams, and rug pulls, a decrease of approximately 60% compared to May.
By Beosin
It’s time for the monthly security roundup again! According to monitoring by blockchain security audit firm Beosin Alert, total losses from various security incidents in June 2024 dropped significantly compared to May. Over "18" notable security incidents occurred in June 2024, resulting in total losses of $183 million due to hacking attacks, phishing scams, and rug pulls—about 60% lower than in May. Specifically, attack-related losses amounted to approximately $141 million (down ~60%), phishing scams caused around $37.4 million in losses (down ~61.6%), while rug pulls reached about $4.12 million (up ~102%).
This month saw multiple hacking incidents each causing over ten million dollars in losses, affecting diverse project types: UK-based exchange Lykke, DeFi lending platform UwU Lend, NFT protocol Holograph, Turkish exchange BtcTurk, and portfolio management company CoinStats. Additionally, two phishing incidents exceeding ten million dollars in losses also occurred, reminding users to remain vigilant.
Nine typical hacking incidents occurred this month
No.1 On June 2, DEX project Velocore was attacked on zkSync Era and Linea chains, suffering losses of approximately $6.8 million.
No.2 On June 4, UK cryptocurrency exchange Lykke was hacked, with $22 million worth of crypto assets stolen.
No.3 On June 9, Ethereum Layer 2 protocol Loopring's wallet was compromised, losing around $5 million.
No.4 On June 10, DeFi lending platform UwU Lend was attacked, resulting in nearly $19.3 million stolen. On June 13, UwU Lend was attacked again by the same hacker, losing another $3.72 million.
No.5 On June 10, Blast ecosystem project YOLO Games suffered a $1.5 million theft due to a smart contract vulnerability.
No.6 On June 14, cross-chain NFT protocol Holograph was attacked. The hacker illegally minted one billion HLG tokens, causing total losses of about $14.4 million.
No.7 On June 22, Turkish cryptocurrency exchange BtcTurk reported being hacked, losing at least $55 million.
No.8 On June 22, online betting platform Sportsbet was attacked by the same hacker who breached BtcTurk, losing over $3.5 million.
No.9 On June 22, cryptocurrency portfolio management company CoinStats was attacked due to server configuration errors, suffering losses of approximately $10 million.
Five typical phishing/rug pull incidents occurred this month
No.1 On June 1, an address starting with 5G9Dpk fell victim to a phishing attack, losing around $11.2 million.
No.2 On June 5, an address starting with 0xa38a was phished, losing about $2.12 million.
No.3 On June 8, ZKsync-based project Gemholic executed a rug pull, causing losses of approximately $3.4 million.
No.4 On June 22, Solana-based project GUNIT conducted a rug pull, with scammers profiting around $720,000.
No.5 On June 23, an address starting with 0xfb94 was targeted by a phishing attack, losing about $11 million.
Four major crypto crime cases were reported this month
No.1 On June 15, U.S. authorities charged two men with operating the darknet market Empire Market. Law enforcement seized $75 million in cryptocurrency and other assets.
No.2 On June 17, it was revealed that former shareholders and executives of Huludao Bank participated in a virtual currency money laundering case involving 1.8 billion RMB.
No.3 On June 20, the U.S. Department of Justice filed charges against 24 individuals accused of money laundering. They allegedly transferred over $50 million in drug sale proceeds for the Sinaloa Cartel through large cash transactions, cryptocurrency purchases, and collaboration with “underground banks in China.”
No.4 On June 20, the UK Financial Conduct Authority (FCA) and London Police arrested two suspects accused of running an illegal cryptocurrency business, which reportedly facilitated trading of more than £1 billion ($1.3 billion) in crypto assets.
Regulation, compliance, and policy updates
No.1 In June 2024, the Dubai Financial Services Authority (DFSA) announced revisions to its crypto token regime to strengthen and advance the regulatory framework for tokens within its special economic zone.
These amendments stem from recommendations outlined in Consultation Paper No. 153 – Crypto Token Regime Update, released in January 2024. The changes cover multiple areas including the ability of external and foreign funds to issue units in recognized cryptocurrencies, domestic qualified investor funds investing in non-recognized crypto assets, and custody of crypto assets. Furthermore, the amendments introduce anti-financial crime compliance guidelines addressing issues such as the application of the “Travel Rule,” transaction monitoring, blockchain analytics, and fees related to recognized crypto tokens.
No.2 On June 20, 2024, the Singapore government released a 126-page money laundering risk assessment report, providing an in-depth evaluation of current money laundering risks facing the country. The report highlights that while Singapore attracts global ultra-high-net-worth individuals and positions itself as an international financial wealth hub, it also faces significant anti-money laundering challenges and is vulnerable to being used as a channel for laundering proceeds from overseas financial fraud and other crimes. In a recent money laundering case, Singaporean authorities seized over 1.5 billion Singapore dollars from related bank accounts.

Given the current landscape of blockchain security, Beosin summarizes:
Overall, June 2024 saw a significant decline in financial losses from blockchain security incidents. Approximately 67% of this month’s hacking incidents stemmed from private key leaks, affecting a wide range of project types. Project teams and users are advised to enhance private key management and conduct regular security training for high-privilege personnel. Phishing attacks remain prevalent, so users should safeguard their private keys, carefully verify signature messages, and double-check recipient addresses before making transfers.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News










