|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
這是用戶常見的錯誤,如果使用促進這些攻擊的加密貨幣,即使是具有先進知識的投資者也會受到影響。
Someone lost (yet another) millions of dollars’ worth of funds to a phishing attack while using decentralized finance (DeFi). This is a common mistake among users, affecting even investors with advanced knowledge if using cryptocurrencies that facilitate these attacks.
有人在使用去中心化金融(DeFi)時因網路釣魚攻擊而損失了(又)數百萬美元的資金。這是用戶常見的錯誤,如果使用促進這些攻擊的加密貨幣,即使是具有先進知識的投資者也會受到影響。
In this most recent event, the Ethereum address ‘0xAA1582084c4f588eF9BE86F5eA1a919F86A3eE57‘ lost 12,083.6 spEWTH, valued at $32.33 million. Ethereum’s blockchain registered the transaction to two addresses labeled “Fake Phishing” on September 28 at 6:15 a.m. UTC.
在最近的這次事件中,以太坊地址「0xAA1582084c4f588eF9BE86F5eA1a919F86A3eE57」損失了 12,083.6 spEWTH,價值 3,233 萬美元。以太坊區塊鏈於世界標準時間 9 月 28 日上午 6:15 將交易記錄到兩個標有「假網路釣魚」的地址。
Finbold consulted the Arkham Intelligence database, which suggests the address belongs to Shixing Mao, also known as DiscusFish on X. Right now, it still holds $8.25 million worth of tokens, of which $2.85 million are in DAI stablecoin.
Finbold 查閱了 Arkham Intelligence 資料庫,顯示該地址屬於 Shixing Mao(X 上的 DiscusFish)。
Notably, Shixing Mao is an experienced crypto executive and co-founder of F2Pool and Cobo. If this address truly belongs to Mao, it is yet another cautionary tale about how even experts can fall victim to such attacks – urging the need to find universal solutions to avoid similar events.
值得注意的是,毛世興是一位經驗豐富的加密貨幣主管,也是 F2Pool 和 Cobo 的共同創辦人。如果這個演講確實屬於毛澤東,那麼這又是一個警示故事,說明即使是專家也可能成為此類攻擊的受害者——敦促需要找到通用解決方案以避免類似事件。
1 in 7 crypto investors were victims of Phishing
七分之一的加密貨幣投資者是網路釣魚的受害者
A survey from WalletConnect shows that nearly one in every seven cryptocurrency users has fallen victim to a phishing attack. According to WalletConnect, 14.4% of respondents said, “Yes, I have lost crypto due to a phishing attack or scam.”
WalletConnect 的一項調查顯示,近七分之一的加密貨幣用戶成為網路釣魚攻擊的受害者。據 WalletConnect 稱,14.4% 的受訪者表示,“是的,我由於網路釣魚攻擊或詐騙而丟失了加密貨幣。”
Accounts on X have reported some of the big numbers crypto investors lost while interacting with malicious contracts or addresses. A recent example involves Scam Sniffer‘s report on July 23 of a $4.69 million loss of Pendle (PENDLE) re-staking tokens.
X 上的帳戶報告了一些加密貨幣投資者在與惡意合約或地址互動時損失的大量資金。最近的一個例子是 Scam Sniffer 於 7 月 23 日報告的 Pendle (PENDLE) 重新質押代幣損失 469 萬美元。
Also, the $55 million DAI loss to a phishing attack Lookonchain reported on August 21, urging users to double-check transactions. In the first half of 2024, Scam Sniffer identified over $314 million stolen across Ethereum Virtual Machine (EVM) chains.
此外,Lookonchain 於 8 月 21 日報道稱,DAI 因網路釣魚攻擊而損失了 5,500 萬美元,敦促用戶仔細檢查交易。 2024 年上半年,Scam Sniffer 發現以太坊虛擬機器 (EVM) 鏈上的價值超過 3.14 億美元被盜。
On Finbold, we have reported plenty of these cases. Namely related to the TON ecosystem, Tether freezing suspicious activity, and the attacker who returned stolen wBTC.
在芬博爾德,我們已經報告了許多這樣的案例。即與 TON 生態系統、Tether 凍結可疑活動以及歸還被盜 wBTC 的攻擊者有關。
Yet, these are only part of a broader issue that costs users worldwide millions of dollars. Surprisingly, newer but less popular technologies and crypto protocols are already partially mitigating this issue.
然而,這些只是一個更廣泛問題的一部分,使全球用戶損失了數百萬美元。令人驚訝的是,較新但不太流行的技術和加密協議已經部分緩解了這個問題。
How to avoid phishing attacks and wallet drains on DeFi?
如何避免 DeFi 上的釣魚攻擊和錢包流失?
Essentially, most of these attacks are due to human error, exploited in different ways. For example, connecting a wallet to a malicious application or signing a malicious permission or transaction.
從本質上講,大多數這些攻擊都是由於人為錯誤造成的,並以不同的方式被利用。例如,將錢包連接到惡意應用程式或簽署惡意許可或交易。
The most natural way to avoid falling victim to a phishing attack or wallet drain is to double-check websites and understand what you are signing up for, literally. For that, users can prioritize wallets and protocols with easily readable transaction signing, disclosing the action in detail.
避免成為網路釣魚攻擊或錢包流失受害者的最自然方法是仔細檢查網站並從字面上理解您正在註冊的內容。為此,用戶可以透過易於閱讀的交易簽名來優先考慮錢包和協議,並詳細披露操作。
However, more advanced technologies have already developed built-in solutions for crypto protocols that help prevent human errors, focusing on security.
然而,更先進的技術已經開發了加密協定的內建解決方案,有助於防止人為錯誤,並專注於安全性。
Native assets prevent phishing and wallet drains
原生資產可防止網路釣魚和錢包流失
Popular blockchains like Ethereum (ETH), BNB Chain (BNB), Solana (SOL), Tron (TRX), Avalanche (AVAX), Algorand (ALGO), and Near (NEAR) all use a model where tokens work differently from their native assets, functioning through smart contract calls that require a previous special permission to move the funds.
以太坊(ETH)、BNB Chain (BNB)、Solana (SOL)、Tron (TRX)、Avalanche (AVAX)、Algorand (ALGO) 和Near (NEAR) 等流行區塊鏈都使用代幣與原生代幣工作方式不同的模型資產,透過智能合約呼叫運行,需要事先獲得特殊許可才能轉移資金。
Dave, also known as DBCrypto, commented about this model with Finbold.
Dave(也稱為 DBCrypto)與 Finbold 評論了該模型。
“The smart contract-based token model found on Ethereum, L2’s, and EVM chains is not only inefficient but also insecure, delaying Web3 adoption.”
“以太坊、L2 和 EVM 鏈上基於智能合約的代幣模型不僅效率低下,而且不安全,延遲了 Web3 的採用。”
On the other hand, chains like Cardano (ADA), Sui (SUI), MultiversX (EGLD), and Radix (XRD) use a native-asset token model. In this model, all tokens behave as native assets within the protocol, not requiring database permissions that can be exploited. Users need to sign every transaction to move tokens in their ownership, creating another layer of security.
另一方面,Cardano (ADA)、Sui (SUI)、MultiversX (EGLD) 和 Radix (XRD) 等鏈使用原生資產代幣模型。在此模型中,所有代幣都充當協議內的本機資產,不需要可利用的資料庫權限。用戶需要簽署每筆交易才能轉移其所有權中的代幣,從而創建另一層安全性。
Interestingly, users can now benefit as developers take a more careful look toward security concerns, phishing attacks, and token models. At one point, investors will inevitably need to choose whether they accept the old standards or migrate to the newer ones in the competitive and innovative free market that is crypto.
有趣的是,隨著開發人員更加仔細地關注安全問題、網路釣魚攻擊和令牌模型,用戶現在可以受益。在某個時刻,投資者將不可避免地需要選擇是否接受舊標準還是在競爭性和創新的加密貨幣自由市場中遷移到新標準。
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- Ronin Network:8年質押計畫促進網路長期發展
- 2024-09-29 00:25:12
- Ronin Network 制定了一項為期 8 年的質押獎勵計劃,以加強其地位並鼓勵持續參與。
-
- 世界幣價格預測:隨著多頭重新獲得控制權,WLD 將飆升 50%
- 2024-09-29 00:25:12
- 世界幣的價格突破了下降模式,在市場上引起了巨大的轟動。雖然市場參與者認為該代幣在沒有任何看跌幹擾的情況下達到了 3 美元,但該代幣開始在窄幅區間內盤整。
-
- RCO Finance (RCOF):Cardano (ADA) 的一個有前景的替代方案
- 2024-09-29 00:25:02
- 儘管市場正在經歷重大復甦,比特幣觸及 65,000 美元,但卡爾達諾投資者卻面臨著不同的現實。該代幣並未像許多人預期的那樣飆升
-
- Bitgert 與 Altlayer Coin:哪個是更好的投資?
- 2024-09-29 00:25:02
- 加密貨幣市場即將迎來牛市,目前對投資人來說前景看好。比特幣已突破 6.5 萬美元大關,山寨幣也顯示出成長潛力。
-
- 本週加密創投:Celestia 基金會籌集 1 億美元,Infinex 從 NFT 銷售中獲得 6,529 萬美元
- 2024-09-29 00:25:02
- 在本週的創投更新中,超過 2.53 億美元流入了加密新創公司世界,儘管其中大部分資金流向了區塊鏈網路 Celestia 基金會。
-
- Neuraswap:改變人工智慧資料代幣化和去中心化交易
- 2024-09-29 00:25:02
- 在一次令人興奮的合作中,GPT Protocol 與 ApeBond 聯手推出了第一個以人工智慧為中心的去中心化交易所 (DEX)
-
- 市場活動活躍,BONK 和 UNIT 飆升,RWA 代幣化受到關注
- 2024-09-29 00:25:02
- BONK 在過去 24 小時內上漲了 5.70%,交易價格為 0.000020 美元。 BONK 24小時交易量達1.816億美元,備受關注
-
- 隨著 XRP 和 Polygon 遇到障礙,BlockDAG 成為 2024 年加密貨幣領域的潛在領導者
- 2024-09-29 00:25:02
- 在加密貨幣領域,XRP 和 Polygon 遇到了重大障礙。過去一年,Polygon 的市場表現大幅下滑,很大程度上是由於其作為以太坊擴容解決方案的作用。
-
- 為什麼 TAO (Bittensor) 持有者現在轉向 Bitgert (BRISE)
- 2024-09-29 00:20:14
- 隨著加密貨幣領域的成熟,TAO(Bittensor)投資者現在正在尋找能夠在長期內提供更大價值的項目。