- Buy Crypto
- Markets
Futures- Spot
- Copy Trade
Earn- More
Chainalysis: What Did North Korean Hackers Do With the Money Stolen From Cryptocurrency Platforms?
Original Title: $2.2 Billion Stolen from Crypto Platforms in 2024, but Hacked Volumes Stagnate Toward Year-End as DPRK Slows Activity Post-July
Original Source: Chainalysis
Original Translation: Tao Zhu, Golden Finance
Cryptocurrency hacks remain a persistent threat, with over $1 billion worth of cryptocurrency stolen in four of the past ten years (2018, 2021, 2022, and 2023). 2024 marks the fifth year to reach this unsettling milestone, highlighting that as cryptocurrency adoption and prices rise, the amount that can be stolen also increases.
In 2024, stolen funds grew by approximately 21.07% year-on-year, reaching $2.2 billion, with the number of individual hacker incidents increasing from 282 in 2023 to 303 in 2024.
Interesting to note is the evolution in the intensity of cryptocurrency hacks around the first half of this year. In our mid-year crime update, we observed that the cumulative value stolen between January 2024 and July 2024 had already reached $15.8 billion, around 84.4% higher than the stolen value in the same period of 2023. As seen in the chart below, by the end of July, the ecosystem was poised to easily surpass 30 billion, akin to 2021 and 2022. However, the upward trend in cryptocurrency theft in 2024 significantly slowed post-July and remained relatively stable thereafter. Later, we will explore the potential geopolitical reasons for this shift.
Regarding the stolen amounts categorized by victim platform type, 2024 also revealed an interesting pattern. In most quarters from 2021 to 2023, decentralized finance (DeFi) platforms were the primary target of cryptocurrency hackers. DeFi platforms may be more vulnerable to attacks as their developers tend to prioritize rapid growth and product launches over implementing security measures, making them a prime target for hackers.
While DeFi still accounted for the largest share of stolen assets in the first quarter of 2024, centralized services were more targeted in the second and third quarters. Some of the most notable centralized service hacks include DMM Bitcoin (May 2024; $305 million) and WazirX (July 2024; $234.9 million).
This shift in focus from DeFi to centralized services highlights the increasing importance of security mechanisms commonly used by hackers, such as private keys. In 2024, private key leaks accounted for the largest proportion of stolen cryptocurrency, reaching 43.8%. For centralized services, ensuring the security of private keys is crucial as they control access to user assets. Given that centralized exchanges manage a large amount of user funds, the impact of private key leaks could be devastating; we only need to look at the $305 million DMM Bitcoin hack, which is one of the largest cryptocurrency vulnerabilities to date, possibly due to poor private key management or lack of sufficient security.
After leaking private keys, malicious actors often launder stolen funds through decentralized exchanges (DEXes), mining services, or mixing services to obfuscate transaction trails and complicate tracking. By 2024, we can see that the money laundering activities of private key hackers are significantly different from hackers exploiting other attack vectors. For example, after stealing private keys, these hackers often turn to bridging and mixing services. For other attack vectors, decentralized exchanges are more commonly used for money laundering activities.
In 2024, North Korean hackers will steal more from cryptocurrency platforms than ever before
North Korean-affiliated hackers are infamous for their sophisticated and ruthless tactics, often using advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored actions and evade international sanctions. U.S. and international officials assess that Pyongyang leverages stolen cryptocurrency to fund its large-scale weapons of mass destruction and ballistic missile programs, posing a threat to international security. By 2023, North Korean-affiliated hackers will have stolen approximately $660.5 million through 20 incidents; by 2024, this figure increases to $1.34 billion across 47 incidents, a 102.88% increase in stolen value. These figures account for 61% of the total amount stolen that year and 20% of the total number of incidents.
Please note that in last year's report, we released information that North Korea stole $1 billion through 20 hacking incidents. After further investigation, we determined that some of the larger hacking incidents previously attributed to North Korea may no longer be relevant, hence reducing the amount to $660.5 million. However, the number of incidents remains the same as we identified additional smaller hacking incidents attributed to North Korea. As we obtain new on-chain and off-chain evidence, our goal is to continuously reassess our evaluation of North Korean-affiliated hacking incidents.
Unfortunately, cryptocurrency attacks from North Korea seem to be becoming more frequent. In the figure below, we examined the average time between DPRK attack successes based on the exploit scale and found that attacks of various scales have all decreased year over year. It is worth noting that in 2024, the frequency of attacks valued between 50 to 100 million USD and over 100 million USD is much higher than in 2023, indicating that North Korea is becoming more proficient and faster in conducting large-scale attacks. This is a sharp contrast to the previous two years, during which its profits per attack often fell below 50 million USD.
When comparing North Korea's activities to all other hacker activities we monitor, it is clear that North Korea has been consistently responsible for the majority of large-scale attacks over the past three years. Interestingly, North Korean hacker attacks have lower amounts, and the density of hacker attacks, especially around the 10,000 USD mark, has been steadily increasing.
Some of these events seem to be linked to North Korean IT professionals who are increasingly penetrating cryptocurrency and Web3 companies, compromising their networks, operations, and integrity. These employees often employ complex Tactics, Techniques, and Procedures (TTP), such as false identities, utilizing third-party recruitment intermediaries, and manipulating remote work opportunities to gain access. In a recent case, the US Department of Justice (DOJ) on Wednesday indicted 14 North Korean nationals acting as remote IT professionals in the US. The group earned over 88 million USD by stealing proprietary information and extorting their employers.
To mitigate these risks, companies should prioritize thorough hiring due diligence—including background checks and identity verification—while maintaining strong private key security to protect critical assets (if applicable).
Although all these trends indicate significant North Korean activity this year, most of its attacks occurred early in the year, with overall hacker activity stalling in the third and fourth quarters, as shown in the earlier graphs.
In late June 2024, Russian President Vladimir Putin and North Korean leader Kim Jong-un will also hold a summit in Pyongyang, signing a joint defense agreement. So far this year, Russia has unfrozen millions of dollars in previously restricted North Korean assets according to UN Security Council sanctions, marking the continued development of the alliance between the two countries. Meanwhile, North Korea has deployed troops to Ukraine, provided ballistic missiles to Russia, and reportedly sought advanced space, missile, and submarine technology from Moscow.
If we compare the average daily losses of DPRK vulnerabilities before and after July 1, 2024, we can see a significant decrease in the stolen value. Specifically, as shown in the graph below, the amount stolen by North Korea decreased by around 53.73% afterward, while the amount stolen by non-North Korea actors increased by about 5%. Therefore, in addition to shifting military resources to the conflict in Ukraine, North Korea, which has significantly strengthened its cooperation with Russia in recent years, may also have altered its cybercriminal activities.
The decrease in North Korea's fund thefts after July 1, 2024, is evident and the timing is quite conspicuous, but it's worth noting that this decrease may not necessarily be related to Putin's visit to Pyongyang. Furthermore, some events occurring in December could alter this pattern by year-end, and attackers often launch attacks during the holiday season.
Case Study: North Korea's Attack on DMM Bitcoin
A prominent example of a 2024 hack related to North Korea involved the Japanese cryptocurrency exchange DMM Bitcoin, which was targeted in a hack resulting in the loss of approximately 4,502.9 bitcoins, valued at $305 million at the time. The attackers exploited vulnerabilities in the infrastructure used by DMM, leading to unauthorized withdrawals. In response, with the support of the parent company, DMM fully reimbursed customer deposits by sourcing equivalent funds.
We were able to analyze the on-chain fund flow post-initial attack. In the initial phase, we observed the attackers moving millions of dollars worth of cryptocurrency from DMM Bitcoin to several intermediary addresses, eventually reaching a Bitcoin CoinJoin mixing server.
After successfully mixing the stolen funds using a Bitcoin CoinJoin mixing service, the attackers transferred a portion of the funds to Huioneguarantee through some bridging services. Huioneguarantee is an online marketplace associated with the Cambodian conglomerate Huione Group, a significant player in the space known to facilitate cybercrime.
DMM Bitcoin has transitioned its assets and client accounts to a subsidiary of the Japanese financial group SBI Group, known as SBI VC Trade, with the transition scheduled for completion by March 2025. Fortunately, emerging tools and predictive technologies are on the rise, as we will explore in the next section, to prepare for preventing such disruptive hacker attacks.
Stopping Hacker Attacks Using Predictive Models
Advanced predictive technologies are transforming cybersecurity by proactively detecting potential risks and threats in real-time to safeguard the digital ecosystem. Let's look at the following example involving the decentralized liquidity provider UwU Lend.
On June 10, 2024, attackers exploited UwU Lend's price oracle system to secure around $20 million. The attackers executed a flash loan attack to manipulate the price of Ethena Staked USDe (sUSDe) on multiple oracles, causing misreporting of the valuation. Consequently, the attackers were able to borrow millions of dollars within seven minutes. Hexagate detected the attack contract and its similar deployments approximately two days before the exploit.
Although the attack contract was accurately real-time detected in the days leading up to the exploit, the connection to the exploited contract did not immediately surface due to its design. Leveraging tools like Hexagate's security oracle, among others, can further utilize this early detection to mitigate the threat. It is worth noting that the initial attack that resulted in an $8.2 million loss occurred just minutes before subsequent attacks, providing another critical signal.
Alerts issued prior to significant on-chain attacks like this have the potential to alter the security posture of industry participants, enabling them to proactively defend against costly hacks rather than react to them.
In the image below, we see the attacker transferring stolen funds through two intermediary addresses before reaching the OFAC-approved Ethereum smart contract mixer Tornado Cash.
However, it is important to note that merely accessing these predictive models does not guarantee preventing a hack, as protocols may not always have the appropriate tools to take action effectively.
Stronger Encryption Security Needed
The increase in cryptocurrency thefts in 2024 underscores the industry's need to address a growingly complex and evolving threat landscape. While the scale of cryptocurrency theft has not yet returned to the levels of 2021 and 2022, the aforementioned resurgence highlights the gaps in existing security measures and the importance of adapting to new exploitation methods. Effective responses to these challenges require crucial collaboration between public and private sectors. Data-sharing initiatives, real-time security solutions, advanced tracking tools, and targeted training can empower stakeholders to swiftly identify and neutralize malicious actors while establishing the resilience needed to protect crypto assets.
Furthermore, as cryptocurrency regulatory frameworks continue to evolve, scrutiny on platform security and customer asset protection may intensify. Industry best practices must keep pace with these changes to ensure prevention and accountability. By strengthening partnerships with law enforcement and providing resources and expertise for rapid response to teams, the cryptocurrency industry can bolster its anti-theft capabilities. These efforts are not only critical for safeguarding individual assets but also essential for fostering long-term trust and stability in the digital ecosystem.
You may also like
Token Cannot Compound, Where Is the Real Investment Opportunity?
February 6th Market Key Intelligence, How Much Did You Miss?
China's Central Bank and Eight Other Departments' Latest Regulatory Focus: Key Attention to RWA Tokenized Asset Risk
Foreword: Today, the People's Bank of China's website published the "Notice of the People's Bank of China, National Development and Reform Commission, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration for Market Regulation, China Banking and Insurance Regulatory Commission, China Securities Regulatory Commission, State Administration of Foreign Exchange on Further Preventing and Dealing with Risks Related to Virtual Currency and Others (Yinfa [2026] No. 42)", the latest regulatory requirements from the eight departments including the central bank, which are basically consistent with the regulatory requirements of recent years. The main focus of the regulation is on speculative activities such as virtual currency trading, exchanges, ICOs, overseas platform services, and this time, regulatory oversight of RWA has been added, explicitly prohibiting RWA tokenization, stablecoins (especially those pegged to the RMB). The following is the full text:
To the people's governments of all provinces, autonomous regions, and municipalities directly under the Central Government, the Xinjiang Production and Construction Corps:
Recently, there have been speculative activities related to virtual currency and Real-World Assets (RWA) tokenization, disrupting the economic and financial order and jeopardizing the property security of the people. In order to further prevent and address the risks related to virtual currency and Real-World Assets tokenization, effectively safeguard national security and social stability, in accordance with the "Law of the People's Republic of China on the People's Bank of China," "Law of the People's Republic of China on Commercial Banks," "Securities Law of the People's Republic of China," "Law of the People's Republic of China on Securities Investment Funds," "Law of the People's Republic of China on Futures and Derivatives," "Cybersecurity Law of the People's Republic of China," "Regulations of the People's Republic of China on the Administration of Renminbi," "Regulations on Prevention and Disposal of Illegal Fundraising," "Regulations of the People's Republic of China on Foreign Exchange Administration," "Telecommunications Regulations of the People's Republic of China," and other provisions, after reaching consensus with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, and with the approval of the State Council, the relevant matters are notified as follows:
(I) Virtual currency does not possess the legal status equivalent to fiat currency. Virtual currencies such as Bitcoin, Ether, Tether, etc., have the main characteristics of being issued by non-monetary authorities, using encryption technology and distributed ledger or similar technology, existing in digital form, etc. They do not have legal tender status, should not and cannot be circulated and used as currency in the market.
The business activities related to virtual currency are classified as illegal financial activities. The exchange of fiat currency and virtual currency within the territory, exchange of virtual currencies, acting as a central counterparty in buying and selling virtual currencies, providing information intermediary and pricing services for virtual currency transactions, token issuance financing, and trading of virtual currency-related financial products, etc., fall under illegal financial activities, such as suspected illegal issuance of token vouchers, unauthorized public issuance of securities, illegal operation of securities and futures business, illegal fundraising, etc., are strictly prohibited across the board and resolutely banned in accordance with the law. Overseas entities and individuals are not allowed to provide virtual currency-related services to domestic entities in any form.
A stablecoin pegged to a fiat currency indirectly fulfills some functions of the fiat currency in circulation. Without the consent of relevant authorities in accordance with the law and regulations, any domestic or foreign entity or individual is not allowed to issue a RMB-pegged stablecoin overseas.
(II)Tokenization of Real-World Assets refers to the use of encryption technology and distributed ledger or similar technologies to transform ownership rights, income rights, etc., of assets into tokens (tokens) or other interests or bond certificates with token (token) characteristics, and carry out issuance and trading activities.
Engaging in the tokenization of real-world assets domestically, as well as providing related intermediary, information technology services, etc., which are suspected of illegal issuance of token vouchers, unauthorized public offering of securities, illegal operation of securities and futures business, illegal fundraising, and other illegal financial activities, shall be prohibited; except for relevant business activities carried out with the approval of the competent authorities in accordance with the law and regulations and relying on specific financial infrastructures. Overseas entities and individuals are not allowed to illegally provide services related to the tokenization of real-world assets to domestic entities in any form.
(III) Inter-agency Coordination. The People's Bank of China, together with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the China Securities Regulatory Commission, the State Administration of Foreign Exchange, and other departments, will improve the work mechanism, strengthen coordination with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, coordinate efforts, and overall guide regions to carry out risk prevention and disposal of virtual currency-related illegal financial activities.
The China Securities Regulatory Commission, together with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the People's Bank of China, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the State Administration of Foreign Exchange, and other departments, will improve the work mechanism, strengthen coordination with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, coordinate efforts, and overall guide regions to carry out risk prevention and disposal of illegal financial activities related to the tokenization of real-world assets.
(IV) Strengthening Local Implementation. The people's governments at the provincial level are overall responsible for the prevention and disposal of risks related to virtual currencies and the tokenization of real-world assets in their respective administrative regions. The specific leading department is the local financial regulatory department, with participation from branches and dispatched institutions of the State Council's financial regulatory department, telecommunications regulators, public security, market supervision, and other departments, in coordination with cyberspace departments, courts, and procuratorates, to improve the normalization of the work mechanism, effectively connect with the relevant work mechanisms of central departments, form a cooperative and coordinated working pattern between central and local governments, effectively prevent and properly handle risks related to virtual currencies and the tokenization of real-world assets, and maintain economic and financial order and social stability.
(5) Enhanced Risk Monitoring. The People's Bank of China, China Securities Regulatory Commission, National Development and Reform Commission, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration of Foreign Exchange, Cyberspace Administration of China, and other departments continue to improve monitoring techniques and system support, enhance cross-departmental data analysis and sharing, establish sound information sharing and cross-validation mechanisms, promptly grasp the risk situation of activities related to virtual currency and real-world asset tokenization. Local governments at all levels give full play to the role of local monitoring and early warning mechanisms. Local financial regulatory authorities, together with branches and agencies of the State Council's financial regulatory authorities, as well as departments of cyberspace and public security, ensure effective connection between online monitoring, offline investigation, and fund tracking, efficiently and accurately identify activities related to virtual currency and real-world asset tokenization, promptly share risk information, improve early warning information dissemination, verification, and rapid response mechanisms.
(6) Strengthened Oversight of Financial Institutions, Intermediaries, and Technology Service Providers. Financial institutions (including non-bank payment institutions) are prohibited from providing account opening, fund transfer, and clearing services for virtual currency-related business activities, issuing and selling financial products related to virtual currency, including virtual currency and related financial products in the scope of collateral, conducting insurance business related to virtual currency, or including virtual currency in the scope of insurance liability. Financial institutions (including non-bank payment institutions) are prohibited from providing custody, clearing, and settlement services for unauthorized real-world asset tokenization-related business and related financial products. Relevant intermediary institutions and information technology service providers are prohibited from providing intermediary, technical, or other services for unauthorized real-world asset tokenization-related businesses and related financial products.
(7) Enhanced Management of Internet Information Content and Access. Internet enterprises are prohibited from providing online business venues, commercial displays, marketing, advertising, or paid traffic diversion services for virtual currency and real-world asset tokenization-related business activities. Upon discovering clues of illegal activities, they should promptly report to relevant departments and provide technical support and assistance for related investigations and inquiries. Based on the clues transferred by the financial regulatory authorities, the cyberspace administration, telecommunications authorities, and public security departments should promptly close and deal with websites, mobile applications (including mini-programs), and public accounts engaged in virtual currency and real-world asset tokenization-related business activities in accordance with the law.
(8) Strengthened Entity Registration and Advertisement Management. Market supervision departments strengthen entity registration and management, and enterprise and individual business registrations must not contain terms such as "virtual currency," "virtual asset," "cryptocurrency," "crypto asset," "stablecoin," "real-world asset tokenization," or "RWA" in their names or business scopes. Market supervision departments, together with financial regulatory authorities, legally enhance the supervision of advertisements related to virtual currency and real-world asset tokenization, promptly investigating and handling relevant illegal advertisements.
(IX) Continued Rectification of Virtual Currency Mining Activities. The National Development and Reform Commission, together with relevant departments, strictly controls virtual currency mining activities, continuously promotes the rectification of virtual currency mining activities. The people's governments of various provinces take overall responsibility for the rectification of "mining" within their respective administrative regions. In accordance with the requirements of the National Development and Reform Commission and other departments in the "Notice on the Rectification of Virtual Currency Mining Activities" (NDRC Energy-saving Building [2021] No. 1283) and the provisions of the "Guidance Catalog for Industrial Structure Adjustment (2024 Edition)," a comprehensive review, investigation, and closure of existing virtual currency mining projects are conducted, new mining projects are strictly prohibited, and mining machine production enterprises are strictly prohibited from providing mining machine sales and other services within the country.
(X) Severe Crackdown on Related Illegal Financial Activities. Upon discovering clues to illegal financial activities related to virtual currency and the tokenization of real-world assets, local financial regulatory authorities, branches of the State Council's financial regulatory authorities, and other relevant departments promptly investigate, determine, and properly handle the issues in accordance with the law, and seriously hold the relevant entities and individuals legally responsible. Those suspected of crimes are transferred to the judicial authorities for processing according to the law.
(XI) Severe Crackdown on Related Illegal and Criminal Activities. The Ministry of Public Security, the People's Bank of China, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the China Securities Regulatory Commission, as well as judicial and procuratorial organs, in accordance with their respective responsibilities, rigorously crack down on illegal and criminal activities related to virtual currency, the tokenization of real-world assets, such as fraud, money laundering, illegal business operations, pyramid schemes, illegal fundraising, and other illegal and criminal activities carried out under the guise of virtual currency, the tokenization of real-world assets, etc.
(XII) Strengthen Industry Self-discipline. Relevant industry associations should enhance membership management and policy advocacy, based on their own responsibilities, advocate and urge member units to resist illegal financial activities related to virtual currency and the tokenization of real-world assets. Member units that violate regulatory policies and industry self-discipline rules are to be disciplined in accordance with relevant self-regulatory management regulations. By leveraging various industry infrastructure, conduct risk monitoring related to virtual currency, the tokenization of real-world assets, and promptly transfer issue clues to relevant departments.
(XIII) Without the approval of relevant departments in accordance with the law and regulations, domestic entities and foreign entities controlled by them may not issue virtual currency overseas.
(XIV) Domestic entities engaging directly or indirectly in overseas external debt-based tokenization of real-world assets, or conducting asset securitization activities abroad based on domestic ownership rights, income rights, etc. (hereinafter referred to as domestic equity), should be strictly regulated in accordance with the principles of "same business, same risk, same rules." The National Development and Reform Commission, the China Securities Regulatory Commission, the State Administration of Foreign Exchange, and other relevant departments regulate it according to their respective responsibilities. For other forms of overseas real-world asset tokenization activities based on domestic equity by domestic entities, the China Securities Regulatory Commission, together with relevant departments, supervise according to their division of responsibilities. Without the consent and filing of relevant departments, no unit or individual may engage in the above-mentioned business.
(15) Overseas subsidiaries and branches of domestic financial institutions providing Real World Asset Tokenization-related services overseas shall do so legally and prudently. They shall have professional personnel and systems in place to effectively mitigate business risks, strictly implement customer onboarding, suitability management, anti-money laundering requirements, and incorporate them into the domestic financial institutions' compliance and risk management system. Intermediaries and information technology service providers offering Real World Asset Tokenization services abroad based on domestic equity or conducting Real World Asset Tokenization business in the form of overseas debt for domestic entities directly or indirectly venturing abroad must strictly comply with relevant laws and regulations. They should establish and improve relevant compliance and internal control systems in accordance with relevant normative requirements, strengthen business and risk control, and report the business developments to the relevant regulatory authorities for approval or filing.
(16) Strengthen organizational leadership and overall coordination. All departments and regions should attach great importance to the prevention of risks related to virtual currencies and Real World Asset Tokenization, strengthen organizational leadership, clarify work responsibilities, form a long-term effective working mechanism with centralized coordination, local implementation, and shared responsibilities, maintain high pressure, dynamically monitor risks, effectively prevent and mitigate risks in an orderly and efficient manner, legally protect the property security of the people, and make every effort to maintain economic and financial order and social stability.
(17) Widely carry out publicity and education. All departments, regions, and industry associations should make full use of various media and other communication channels to disseminate information through legal and policy interpretation, analysis of typical cases, and education on investment risks, etc. They should promote the illegality and harm of virtual currencies and Real World Asset Tokenization-related businesses and their manifestations, fully alert to potential risks and hidden dangers, and enhance public awareness and identification capabilities for risk prevention.
(18) Engaging in illegal financial activities related to virtual currencies and Real World Asset Tokenization in violation of this notice, as well as providing services for virtual currencies and Real World Asset Tokenization-related businesses, shall be punished in accordance with relevant regulations. If it constitutes a crime, criminal liability shall be pursued according to the law. For domestic entities and individuals who knowingly or should have known that overseas entities illegally provided virtual currency or Real World Asset Tokenization-related services to domestic entities and still assisted them, relevant responsibilities shall be pursued according to the law. If it constitutes a crime, criminal liability shall be pursued according to the law.
(19) If any unit or individual invests in virtual currencies, Real World Asset Tokens, and related financial products against public order and good customs, the relevant civil legal actions shall be invalid, and any resulting losses shall be borne by them. If there are suspicions of disrupting financial order and jeopardizing financial security, the relevant departments shall deal with them according to the law.
This notice shall enter into force upon the date of its issuance. The People's Bank of China and ten other departments' "Notice on Further Preventing and Dealing with the Risks of Virtual Currency Trading Speculation" (Yinfa [2021] No. 237) is hereby repealed.
Former Partner's Perspective on Multicoin: Kyle's Exit, But the Game He Left Behind Just Getting Started
Why Bitcoin Is Falling Now: The Real Reasons Behind BTC's Crash & WEEX's Smart Profit Playbook
Bitcoin's ongoing crash explained: Discover the 5 hidden triggers behind BTC's plunge & how WEEX's Auto Earn and Trade to Earn strategies help traders profit from crypto market volatility.
Wall Street's Hottest Trades See Exodus
Vitalik Discusses Ethereum Scaling Path, Circle Announces Partnership with Polymarket, What's the Overseas Crypto Community Talking About Today?
Believing in the Capital Markets - The Essence and Core Value of Cryptocurrency
Polymarket's 'Weatherman': Predict Temperature, Win Million-Dollar Payout
$15K+ Profits: The 4 AI Trading Secrets WEEX Hackathon Prelim Winners Used to Dominate Volatile Crypto Markets
How WEEX Hackathon's top AI trading strategies made $15K+ in crypto markets: 4 proven rules for ETH/BTC trading, market structure analysis, and risk management in volatile conditions.
A nearly 20% one-day plunge, how long has it been since you last saw a $60,000 Bitcoin?
Raoul Pal: I've seen every single panic, and they are never the end.
Key Market Information Discrepancy on February 6th - A Must-Read! | Alpha Morning Report
2026 Crypto Industry's First Snowfall
The Harsh Reality Behind the $26 Billion Crypto Liquidation: Liquidity Is Killing the Market
Why Is Gold, US Stocks, Bitcoin All Falling?
Key Market Intelligence for February 5th, how much did you miss out on?
Wintermute: By 2026, crypto had gradually become the settlement layer of the Internet economy
Token Cannot Compound, Where Is the Real Investment Opportunity?
February 6th Market Key Intelligence, How Much Did You Miss?
China's Central Bank and Eight Other Departments' Latest Regulatory Focus: Key Attention to RWA Tokenized Asset Risk
Foreword: Today, the People's Bank of China's website published the "Notice of the People's Bank of China, National Development and Reform Commission, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration for Market Regulation, China Banking and Insurance Regulatory Commission, China Securities Regulatory Commission, State Administration of Foreign Exchange on Further Preventing and Dealing with Risks Related to Virtual Currency and Others (Yinfa [2026] No. 42)", the latest regulatory requirements from the eight departments including the central bank, which are basically consistent with the regulatory requirements of recent years. The main focus of the regulation is on speculative activities such as virtual currency trading, exchanges, ICOs, overseas platform services, and this time, regulatory oversight of RWA has been added, explicitly prohibiting RWA tokenization, stablecoins (especially those pegged to the RMB). The following is the full text:
To the people's governments of all provinces, autonomous regions, and municipalities directly under the Central Government, the Xinjiang Production and Construction Corps:
Recently, there have been speculative activities related to virtual currency and Real-World Assets (RWA) tokenization, disrupting the economic and financial order and jeopardizing the property security of the people. In order to further prevent and address the risks related to virtual currency and Real-World Assets tokenization, effectively safeguard national security and social stability, in accordance with the "Law of the People's Republic of China on the People's Bank of China," "Law of the People's Republic of China on Commercial Banks," "Securities Law of the People's Republic of China," "Law of the People's Republic of China on Securities Investment Funds," "Law of the People's Republic of China on Futures and Derivatives," "Cybersecurity Law of the People's Republic of China," "Regulations of the People's Republic of China on the Administration of Renminbi," "Regulations on Prevention and Disposal of Illegal Fundraising," "Regulations of the People's Republic of China on Foreign Exchange Administration," "Telecommunications Regulations of the People's Republic of China," and other provisions, after reaching consensus with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, and with the approval of the State Council, the relevant matters are notified as follows:
(I) Virtual currency does not possess the legal status equivalent to fiat currency. Virtual currencies such as Bitcoin, Ether, Tether, etc., have the main characteristics of being issued by non-monetary authorities, using encryption technology and distributed ledger or similar technology, existing in digital form, etc. They do not have legal tender status, should not and cannot be circulated and used as currency in the market.
The business activities related to virtual currency are classified as illegal financial activities. The exchange of fiat currency and virtual currency within the territory, exchange of virtual currencies, acting as a central counterparty in buying and selling virtual currencies, providing information intermediary and pricing services for virtual currency transactions, token issuance financing, and trading of virtual currency-related financial products, etc., fall under illegal financial activities, such as suspected illegal issuance of token vouchers, unauthorized public issuance of securities, illegal operation of securities and futures business, illegal fundraising, etc., are strictly prohibited across the board and resolutely banned in accordance with the law. Overseas entities and individuals are not allowed to provide virtual currency-related services to domestic entities in any form.
A stablecoin pegged to a fiat currency indirectly fulfills some functions of the fiat currency in circulation. Without the consent of relevant authorities in accordance with the law and regulations, any domestic or foreign entity or individual is not allowed to issue a RMB-pegged stablecoin overseas.
(II)Tokenization of Real-World Assets refers to the use of encryption technology and distributed ledger or similar technologies to transform ownership rights, income rights, etc., of assets into tokens (tokens) or other interests or bond certificates with token (token) characteristics, and carry out issuance and trading activities.
Engaging in the tokenization of real-world assets domestically, as well as providing related intermediary, information technology services, etc., which are suspected of illegal issuance of token vouchers, unauthorized public offering of securities, illegal operation of securities and futures business, illegal fundraising, and other illegal financial activities, shall be prohibited; except for relevant business activities carried out with the approval of the competent authorities in accordance with the law and regulations and relying on specific financial infrastructures. Overseas entities and individuals are not allowed to illegally provide services related to the tokenization of real-world assets to domestic entities in any form.
(III) Inter-agency Coordination. The People's Bank of China, together with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the China Securities Regulatory Commission, the State Administration of Foreign Exchange, and other departments, will improve the work mechanism, strengthen coordination with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, coordinate efforts, and overall guide regions to carry out risk prevention and disposal of virtual currency-related illegal financial activities.
The China Securities Regulatory Commission, together with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the People's Bank of China, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the State Administration of Foreign Exchange, and other departments, will improve the work mechanism, strengthen coordination with the Cyberspace Administration of China, the Supreme People's Court, and the Supreme People's Procuratorate, coordinate efforts, and overall guide regions to carry out risk prevention and disposal of illegal financial activities related to the tokenization of real-world assets.
(IV) Strengthening Local Implementation. The people's governments at the provincial level are overall responsible for the prevention and disposal of risks related to virtual currencies and the tokenization of real-world assets in their respective administrative regions. The specific leading department is the local financial regulatory department, with participation from branches and dispatched institutions of the State Council's financial regulatory department, telecommunications regulators, public security, market supervision, and other departments, in coordination with cyberspace departments, courts, and procuratorates, to improve the normalization of the work mechanism, effectively connect with the relevant work mechanisms of central departments, form a cooperative and coordinated working pattern between central and local governments, effectively prevent and properly handle risks related to virtual currencies and the tokenization of real-world assets, and maintain economic and financial order and social stability.
(5) Enhanced Risk Monitoring. The People's Bank of China, China Securities Regulatory Commission, National Development and Reform Commission, Ministry of Industry and Information Technology, Ministry of Public Security, State Administration of Foreign Exchange, Cyberspace Administration of China, and other departments continue to improve monitoring techniques and system support, enhance cross-departmental data analysis and sharing, establish sound information sharing and cross-validation mechanisms, promptly grasp the risk situation of activities related to virtual currency and real-world asset tokenization. Local governments at all levels give full play to the role of local monitoring and early warning mechanisms. Local financial regulatory authorities, together with branches and agencies of the State Council's financial regulatory authorities, as well as departments of cyberspace and public security, ensure effective connection between online monitoring, offline investigation, and fund tracking, efficiently and accurately identify activities related to virtual currency and real-world asset tokenization, promptly share risk information, improve early warning information dissemination, verification, and rapid response mechanisms.
(6) Strengthened Oversight of Financial Institutions, Intermediaries, and Technology Service Providers. Financial institutions (including non-bank payment institutions) are prohibited from providing account opening, fund transfer, and clearing services for virtual currency-related business activities, issuing and selling financial products related to virtual currency, including virtual currency and related financial products in the scope of collateral, conducting insurance business related to virtual currency, or including virtual currency in the scope of insurance liability. Financial institutions (including non-bank payment institutions) are prohibited from providing custody, clearing, and settlement services for unauthorized real-world asset tokenization-related business and related financial products. Relevant intermediary institutions and information technology service providers are prohibited from providing intermediary, technical, or other services for unauthorized real-world asset tokenization-related businesses and related financial products.
(7) Enhanced Management of Internet Information Content and Access. Internet enterprises are prohibited from providing online business venues, commercial displays, marketing, advertising, or paid traffic diversion services for virtual currency and real-world asset tokenization-related business activities. Upon discovering clues of illegal activities, they should promptly report to relevant departments and provide technical support and assistance for related investigations and inquiries. Based on the clues transferred by the financial regulatory authorities, the cyberspace administration, telecommunications authorities, and public security departments should promptly close and deal with websites, mobile applications (including mini-programs), and public accounts engaged in virtual currency and real-world asset tokenization-related business activities in accordance with the law.
(8) Strengthened Entity Registration and Advertisement Management. Market supervision departments strengthen entity registration and management, and enterprise and individual business registrations must not contain terms such as "virtual currency," "virtual asset," "cryptocurrency," "crypto asset," "stablecoin," "real-world asset tokenization," or "RWA" in their names or business scopes. Market supervision departments, together with financial regulatory authorities, legally enhance the supervision of advertisements related to virtual currency and real-world asset tokenization, promptly investigating and handling relevant illegal advertisements.
(IX) Continued Rectification of Virtual Currency Mining Activities. The National Development and Reform Commission, together with relevant departments, strictly controls virtual currency mining activities, continuously promotes the rectification of virtual currency mining activities. The people's governments of various provinces take overall responsibility for the rectification of "mining" within their respective administrative regions. In accordance with the requirements of the National Development and Reform Commission and other departments in the "Notice on the Rectification of Virtual Currency Mining Activities" (NDRC Energy-saving Building [2021] No. 1283) and the provisions of the "Guidance Catalog for Industrial Structure Adjustment (2024 Edition)," a comprehensive review, investigation, and closure of existing virtual currency mining projects are conducted, new mining projects are strictly prohibited, and mining machine production enterprises are strictly prohibited from providing mining machine sales and other services within the country.
(X) Severe Crackdown on Related Illegal Financial Activities. Upon discovering clues to illegal financial activities related to virtual currency and the tokenization of real-world assets, local financial regulatory authorities, branches of the State Council's financial regulatory authorities, and other relevant departments promptly investigate, determine, and properly handle the issues in accordance with the law, and seriously hold the relevant entities and individuals legally responsible. Those suspected of crimes are transferred to the judicial authorities for processing according to the law.
(XI) Severe Crackdown on Related Illegal and Criminal Activities. The Ministry of Public Security, the People's Bank of China, the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission, the China Securities Regulatory Commission, as well as judicial and procuratorial organs, in accordance with their respective responsibilities, rigorously crack down on illegal and criminal activities related to virtual currency, the tokenization of real-world assets, such as fraud, money laundering, illegal business operations, pyramid schemes, illegal fundraising, and other illegal and criminal activities carried out under the guise of virtual currency, the tokenization of real-world assets, etc.
(XII) Strengthen Industry Self-discipline. Relevant industry associations should enhance membership management and policy advocacy, based on their own responsibilities, advocate and urge member units to resist illegal financial activities related to virtual currency and the tokenization of real-world assets. Member units that violate regulatory policies and industry self-discipline rules are to be disciplined in accordance with relevant self-regulatory management regulations. By leveraging various industry infrastructure, conduct risk monitoring related to virtual currency, the tokenization of real-world assets, and promptly transfer issue clues to relevant departments.
(XIII) Without the approval of relevant departments in accordance with the law and regulations, domestic entities and foreign entities controlled by them may not issue virtual currency overseas.
(XIV) Domestic entities engaging directly or indirectly in overseas external debt-based tokenization of real-world assets, or conducting asset securitization activities abroad based on domestic ownership rights, income rights, etc. (hereinafter referred to as domestic equity), should be strictly regulated in accordance with the principles of "same business, same risk, same rules." The National Development and Reform Commission, the China Securities Regulatory Commission, the State Administration of Foreign Exchange, and other relevant departments regulate it according to their respective responsibilities. For other forms of overseas real-world asset tokenization activities based on domestic equity by domestic entities, the China Securities Regulatory Commission, together with relevant departments, supervise according to their division of responsibilities. Without the consent and filing of relevant departments, no unit or individual may engage in the above-mentioned business.
(15) Overseas subsidiaries and branches of domestic financial institutions providing Real World Asset Tokenization-related services overseas shall do so legally and prudently. They shall have professional personnel and systems in place to effectively mitigate business risks, strictly implement customer onboarding, suitability management, anti-money laundering requirements, and incorporate them into the domestic financial institutions' compliance and risk management system. Intermediaries and information technology service providers offering Real World Asset Tokenization services abroad based on domestic equity or conducting Real World Asset Tokenization business in the form of overseas debt for domestic entities directly or indirectly venturing abroad must strictly comply with relevant laws and regulations. They should establish and improve relevant compliance and internal control systems in accordance with relevant normative requirements, strengthen business and risk control, and report the business developments to the relevant regulatory authorities for approval or filing.
(16) Strengthen organizational leadership and overall coordination. All departments and regions should attach great importance to the prevention of risks related to virtual currencies and Real World Asset Tokenization, strengthen organizational leadership, clarify work responsibilities, form a long-term effective working mechanism with centralized coordination, local implementation, and shared responsibilities, maintain high pressure, dynamically monitor risks, effectively prevent and mitigate risks in an orderly and efficient manner, legally protect the property security of the people, and make every effort to maintain economic and financial order and social stability.
(17) Widely carry out publicity and education. All departments, regions, and industry associations should make full use of various media and other communication channels to disseminate information through legal and policy interpretation, analysis of typical cases, and education on investment risks, etc. They should promote the illegality and harm of virtual currencies and Real World Asset Tokenization-related businesses and their manifestations, fully alert to potential risks and hidden dangers, and enhance public awareness and identification capabilities for risk prevention.
(18) Engaging in illegal financial activities related to virtual currencies and Real World Asset Tokenization in violation of this notice, as well as providing services for virtual currencies and Real World Asset Tokenization-related businesses, shall be punished in accordance with relevant regulations. If it constitutes a crime, criminal liability shall be pursued according to the law. For domestic entities and individuals who knowingly or should have known that overseas entities illegally provided virtual currency or Real World Asset Tokenization-related services to domestic entities and still assisted them, relevant responsibilities shall be pursued according to the law. If it constitutes a crime, criminal liability shall be pursued according to the law.
(19) If any unit or individual invests in virtual currencies, Real World Asset Tokens, and related financial products against public order and good customs, the relevant civil legal actions shall be invalid, and any resulting losses shall be borne by them. If there are suspicions of disrupting financial order and jeopardizing financial security, the relevant departments shall deal with them according to the law.
This notice shall enter into force upon the date of its issuance. The People's Bank of China and ten other departments' "Notice on Further Preventing and Dealing with the Risks of Virtual Currency Trading Speculation" (Yinfa [2021] No. 237) is hereby repealed.
Former Partner's Perspective on Multicoin: Kyle's Exit, But the Game He Left Behind Just Getting Started
Why Bitcoin Is Falling Now: The Real Reasons Behind BTC's Crash & WEEX's Smart Profit Playbook
Bitcoin's ongoing crash explained: Discover the 5 hidden triggers behind BTC's plunge & how WEEX's Auto Earn and Trade to Earn strategies help traders profit from crypto market volatility.
App