Tracking stolen crypto — How blockchain analysis helps recover funds

In the rapid development of decentralized finance (DeFi) and the wider Web3 space, security is of paramount importance. New threats are constantly emerging, so it is critical to understand attack patterns for risk assessment and reliability assessment. According to Cointelegraph’s Crypto Hacks database, more than $990 million was lost or stolen in 2023 alone.

This growing security need has led to the emergence of a diverse ecosystem of Web3 security expertise, from decentralized identity solutions to smart contract auditors, ensuring the security of this dynamic digital space.

Sign up here Cointelegraph Research Cryptocurrency Hacking Library

The Lazarus Group, a government-affiliated hacktivist group from North Korea, remains a persistent threat. Lazarus caused at least $291 million in recognized losses in 2023. Even entering the third quarter, Lazarus remains active and conducted an attack on CoinEx that resulted in losses of over $55 million, leaving a chilling reminder of cybersecurity. challenge.

Strengthening cryptographic security through blockchain analysis

Additionally, even companies sometimes struggle to deal with potential hacks and vulnerabilities. Therefore, individual cryptocurrency enthusiasts need skills to conduct analysis and research to protect their funds. Blockchain analysis is the investigative process of examining blockchain transactions to track illegal activity and recover stolen assets. Here’s how it works:

  1. transaction tracking: Blockchain analysts carefully track blockchain transactions involving stolen cryptocurrencies.
  2. Address clustering: Analysts group related addresses to identify the flow of stolen funds. This clustering helps understand how funds move between wallets.
  3. Behavior analysis: Analysts can study transaction patterns to identify unusual or suspicious behavior that may indicate hacking or theft.
  4. pattern recognition: Analysts use historical data and known attack patterns to identify emerging threats for early detection and mitigation.
  5. Regulatory vigilance: Governments around the world are pushing to introduce stricter anti-money laundering (AML) and know-your-customer (KYC) regulations in the cryptocurrency space.
  6. cooperate: Blockchain analysis often involves working with law enforcement agencies, exchanges, and other stakeholders to freeze or recover stolen assets.

Blockchain analysis is one of the tools at the disposal of investigators when investigating cryptocurrency hacks. Open Source Intelligence (OSINT) is another key component. Investigators use OSINT to gather information about individuals or entities involved in hacking attacks. This may include using tools such as Etherscan, Nansen, Tenderly, Ethective, or Breadcrumbs to better understand the situation.

By combining blockchain analysis with open-source intelligence, investigators can build a comprehensive view of the hacker, potentially identifying the perpetrators and more efficiently recovering stolen assets.

In one notable case, the perpetrator of the Curve Finance exploit that resulted in over $61 million in cryptocurrency losses on July 30 has now returned approximately $8.9 million in cryptocurrency to Alchemix Finance and Curve Finance. Surprisingly, the attacker’s motivation was not to evade capture but to protect the integrity of the exploited protocol. The attack exploited a reentrancy vulnerability and affected multiple mining pools, including Alchemix Finance’s alETH-ETH, JPEG’d pETH-ETH, and Metronome sETH-ETH mining pools. While the funds returned accounted for approximately 15% of the total funds lost, the incident highlights the intricate ethical and motivational dynamics in the cryptocurrency space following security breaches.

On-chain data remains a valuable investigative tool unique to the blockchain and crypto-asset world. Thanks to the underlying distributed ledger technology, it provides all Web3 enthusiasts a special window into asset flows, transaction tracking, and powerful analytics. Take advantage of these opportunities by exploring the Cointelegraph Research Crypto Hacks database, an indispensable resource for a comprehensive understanding of recent security incidents and emerging threats. Learn how this powerful tool can help you protect your crypto assets and stay ahead of potential risks.

Cointelegraph Research Team

Cointelegraph’s research department is comprised of some of the best minds in the blockchain industry. The researchers on the team combine academic rigor with hard-earned practical experience to deliver the most accurate and insightful content on the market.

With decades of combined experience in traditional finance, business, engineering, technology and research, Cointelegraph Research Team fully capable of leveraging its combined talents.

The views expressed herein are for general information purposes only and are not intended to provide specific advice or recommendations for any individual or for any particular security or investment product.