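As malicious actors exploit vulnerabilities in smart contracts, blockchain networks face increasingly serious security challenges, and Coinbase's Base network leads in high-risk detections.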
Analysis of smart contract vulnerabilities by Trugard Labs reveals Coinbase’s Base network had the highest detections in August, with over 34,000 high-risk vulnerabilities identified.
Key Takeaways:
Coinbase's Base network was found to have the highest number of high-risk smart contract vulnerabilities in August, according to data from Trugard Labs.
Base network's vulnerability to Digital Signature issues was highlighted, with nearly 22,000 detections related to tampering in standard libraries.
Malicious boolean checks on token transfers were also identified as a major risk on Base, with over 6,300 instances detected.
The analysis suggests that web2 hackers are shifting focus to web3, with cybercriminal groups adapting their tactics to exploit vulnerabilities in decentralized finance protocols.
Analysis by Trugard Labs found that Coinbase’s Base network had the highest number of smart contract vulnerability detections in August, with over 34,000 high-risk vulnerabilities. The analysis, which used Trugard's Xcalibur tool to assess risks in smart contracts on multiple blockchain networks, aimed to highlight how exposed protocols deployed on various networks are to exploitation.
According to the data, Base network was found to be particularly susceptible to Digital Signature issues, with nearly 22,000 detections. These detections were primarily related to tampering in standard libraries, such as SafeMath, which is designed to prevent overflows in arithmetic operations. The analysis also identified malicious boolean checks on token transfers as a major risk on Base, with over 6,300 instances detected. These checks could potentially block or manipulate token transfers, presenting a key vulnerability.
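A defensive check for the library tampering described above, as an added example that is not from the article or from Trugard: it fingerprints the SafeMath copy embedded in a contract's source and compares it with a pinned reference. Both Solidity sources and all function names here are constructed for illustration, and nothing about how Xcalibur works is implied.

```python
import hashlib
import re

# Constructed reference copy (assumption: in practice, pin the exact
# upstream release your project depends on).
REFERENCE = """
library SafeMath {
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a + b;
        require(c >= a, "SafeMath: addition overflow");
        return c;
    }
}
"""

# Constructed sample: same library name, one extra branch in add().
TAMPERED = """
library SafeMath {
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        if (b == 1337) { return 0; } /* not in the reference */
        uint256 c = a + b;
        require(c >= a, "SafeMath: addition overflow");
        return c;
    }
}
"""

def extract_library(source, name):
    """Return the brace-balanced text of `library <name> {...}`, or None."""
    m = re.search(r"\blibrary\s+" + re.escape(name) + r"\s*\{", source)
    if not m:
        return None
    depth, i = 1, m.end()
    while i < len(source) and depth:
        depth += {"{": 1, "}": -1}.get(source[i], 0)
        i += 1
    return source[m.start():i] if depth == 0 else None

def fingerprint(source, name="SafeMath"):
    """SHA-256 of the library with comments and whitespace removed.
    Simplification: braces or // inside string literals are not handled."""
    source = re.sub(r"/\*.*?\*/|//[^\n]*", "", source, flags=re.S)
    body = extract_library(source, name)
    if body is None:
        return None
    return hashlib.sha256(re.sub(r"\s+", "", body).encode()).hexdigest()

def is_tampered(source, reference=REFERENCE):
    """True when an embedded copy exists and differs from the reference."""
    fp = fingerprint(source)
    return fp is not None and fp != fingerprint(reference)
```

Because comments and whitespace are stripped before hashing, reformatted but otherwise identical copies still match the reference; any change to the logic does not.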
The analysis further revealed several other major threats across the Base network, including unauthorized token burns, balance updates, and controlled minting attacks. Hidden balance updates and minting manipulations were also detected across Ethereum and BNB Chain (formerly Binance Smart Chain, BSC), albeit in smaller numbers.
The findings suggest a shift in focus by cybercriminal groups, which were once primarily active in web2 and are now turning their attention to the rapidly expanding web3 ecosystem. As the decentralized finance (DeFi) sector grows, so does its appeal to threat actors. In the past, web2 criminals specialized in phishing, ransomware, and exploiting vulnerabilities in centralized systems. However, Trugard's analysis indicates that those same tactics are now being adapted to exploit vulnerabilities in smart contracts, decentralized finance protocols, and blockchain networks.