Prisma Finance 黑客曝光：区块链调查后身份曝光

Prisma Finance Hacker Unmasked: Blockchain sleuth reveals identity after extensive investigation

Unveiling the Culprit

After a comprehensive investigation spanning weeks, blockchain investigator ZachXBT has successfully uncovered the identity of the malicious actor responsible for the multi-million dollar exploit on the Prisma Finance decentralized finance (DeFi) protocol. The hacker's identity has been traced to the wallet address 0x77, also known as Trung.

Unveiling the Hacker's Modus Operandi

ZachXBT's meticulous investigation revealed critical insights into the hacker's methodology. The stolen funds were channeled through FixedFloat, an automated exchange platform known for its ability to conceal users' identities. Unlike other exchanges, FixedFloat operates without Know-Your-Customer (KYC) verifications, providing a convenient avenue for concealing illicit activities.

Employing sophisticated timing analysis techniques, the blockchain sleuth pinpointed the origin of the illicit funds to Arbitrum, a layer-2 scaling solution built on the Ethereum ecosystem.

"On-chain the exploiters address was funded via FixedFloat. Using timing analysis the source address was then located on Arbitrum," ZachXBT tweeted, detailing his investigative process.

Further timing analysis revealed connections between the Prisma Finance hacker's address and withdrawals on the TRON blockchain as well as Bybit, a cryptocurrency exchange.

Linking to Other Exploits

ZachXBT's investigation did not end with the Prisma Finance exploit; the blockchain sleuth also established links between the hacker and other notable exploits in the industry. These include the Arcade_xyz hack in March 2023 and the Pine Protocol exploit in February 2024.

Intriguingly, the Prisma Finance hacker was found to have connections with another known exploiter on Telegram, using the pseudonym 0x77. This individual remains active on the platform, potentially hinting at future malicious activities.

Whitehat Hacker with Malicious Intent

Prisma Finance fell victim to a malicious exploit on March 28, 2024, resulting in the loss of approximately 3,257.7 Ethereum (ETH) worth around $11 million at the time.

Initially masquerading as a "whitehat rescue" mission, the hacker claimed to be seeking vulnerabilities within the protocol to enhance its security. Blockchain analytics firm Etherscan initially supported this claim, indicating that the perpetrator had contacted Prisma Finance to inquire about returning the stolen funds.

However, hopes of asset recovery were dashed when blockchain security firm Cyvers disclosed that the hacker had swiftly converted the illicit funds into another token. Moreover, another crypto security company discovered that approximately 200 Ether had been transferred to Tornado Cash, a digital asset mixer sanctioned by the Office of Foreign Assets Control (OFAC).

These revelations shattered the notion that the Prisma Finance exploit was a legitimate "whitehat rescue."

Crypto Exploits: A Disturbing Trend

The Prisma Finance incident is just one of many exploits that have plagued the crypto industry in recent times. Hackers continue to exploit vulnerabilities within the DeFi sector, hindering its growth and tarnishing its reputation.

In the first four months of 2024 alone, malicious actors have stolen over $200 million worth of digital assets from various projects. According to Web3 security firm Immunefi, these losses stem from rug pulls, hacks, and exit scams targeting 32 different projects.

In 2023, the crypto industry suffered losses exceeding $1.8 billion due to hacks and scams, with 17% of these attacks attributed to the notorious North Korean Lazarus Group.

The ongoing wave of exploits underscores the urgent need for robust cybersecurity measures within the crypto ecosystem. Exchanges, protocols, and users must prioritize security to mitigate the risks associated with malicious actors targeting the industry.