Binance Launchpool 駭客攻擊暴露了持續存在的加密漏洞

最近，幣安發行池發生安全漏洞，導致假 ENA 代幣被利用，導致價值約 29 萬美元的 480 個 BNB 代幣被盜。

Binance Launchpool Security Breach Exposes Ongoing Crypto Vulnerabilities

幣安 Launchpool 安全漏洞暴露了持續存在的加密漏洞

In a brazen and costly security breach, Binance's Launchpool platform became the stage for a malicious imposter token masquerading as Ethena Labs' legitimate ENA token. This deceitful scheme resulted in the unlawful extraction of 480 BNB tokens, valued at approximately $290,000.

在一個公然且代價高昂的安全漏洞中，幣安的 Launchpool 平台成為惡意冒名頂替者代幣偽裝成 Ethena Labs 合法 ENA 代幣的舞台。這項欺騙性計劃導致 480 個 BNB 代幣被非法提取，價值約 29 萬美元。

The exact vulnerability exploited in this incident remains shrouded in mystery. However, security experts have identified a series of factors that may have contributed to the breach.

此事件中所利用的具體漏洞仍籠罩在神秘之中。然而，安全專家已經確定了一系列可能導致此次洩漏的因素。

Initial reports of the incident emerged from PeckShield, an on-chain security firm, at 8:31 am UTC on March 29. In a confusing twist, PeckShield initially misidentified the counterfeit token as the genuine ENA token in a post on X.

3 月29 日上午8:31，鏈上安全公司PeckShield 發布了該事件的初步報告。令人困惑的是，PeckShield 最初在X 上的一篇貼文中將假冒代幣誤認為是真正的ENA 代幣。

This deceptive operation unfolded mere hours after Ethena Labs officially announced its ENA token on Binance's Launchpool on the same day. The timing and similarity in nomenclature created a fertile ground for confusion among investors and stakeholders.

這項欺騙性操作是在 Ethena Labs 同日在幣安 Launchpool 上正式宣布其 ENA 代幣幾個小時後發生的。命名的時機和相似性為投資者和利害關係人之間的混亂創造了肥沃的土壤。

This incident casts a shadow over the otherwise successful launch of Ethena Labs' USDe synthetic dollar on February 19. By March 8, Ethena had garnered accolades as the top-earning decentralized application (DApp) in the cryptocurrency sector, promising investors an annual percentage yield (APY) of 67%.

這一事件給Ethena Labs 於2 月19 日成功推出USDe 合成美元蒙上了陰影。截至3 月8 日，Ethena 已獲得加密貨幣領域收入最高的去中心化應用程式(DApp) 的讚譽，向投資者承諾了年百分比收益率(APY) 為 67%。

While the exploit involving the counterfeit ENA token may pale in comparison to other cryptocurrency heists, it occurred in close proximity to the Prisma Finance hack on March 28, which resulted in losses exceeding $11 million.

雖然涉及假冒 ENA 代幣的漏洞與其他加密貨幣盜竊案相比可能相形見絀，但它發生的時間與 3 月 28 日 Prisma Finance 駭客攻擊事件非常接近，導致損失超過 1,100 萬美元。

These events underscore the ongoing challenges and security vulnerabilities that plague the crypto industry, undermining investor confidence.

這些事件凸顯了困擾加密貨幣產業的持續挑戰和安全漏洞，削弱了投資者的信心。

Blockchain security firm Immunefi reports that throughout 2024, over $200 million in cryptocurrency assets have been compromised across 32 separate incidents up to February 29. This represents a 15.4% increase from the losses recorded in January and February 2023, which totaled $173 million.

區塊鏈安全公司Immunefi 報告稱，截至2 月29 日，2024 年全年，超過2 億美元的加密貨幣資產在32 起不同事件中遭到洩露。這比2023 年1 月和2 月記錄的損失總額增加了15.4%，損失總額為1.73 億美元。

The cryptocurrency sector endured significant losses due to hacking activities in 2023, with a total of $1.8 billion stolen. The North Korean Lazarus Group was responsible for approximately 17% of these losses.

2023 年，加密貨幣產業因駭客活動遭受重大損失，總計 18 億美元被盜。北韓 Lazarus 集團約佔這些損失的 17%。

However, a report from Chainalysis, titled the "2024 Crypto Crime Report," highlights a decline in overall crypto theft in 2023. While 2022 witnessed the peak of such activity, with over $3.7 billion in stolen funds, 2023 saw a significant drop to $1.7 billion. Chainalysis attributes this decline primarily to a reduction in decentralized finance (DeFi) hacking incidents, with the total value stolen from DeFi platforms dropping by 63.7%.

然而，Chainaanalysis 的一份題為「2024 年加密貨幣犯罪報告」的報告強調，2023 年加密貨幣盜竊總量有所下降。雖然2022 年見證了此類活動的頂峰，被盜資金超過37 億美元，但2023 年大幅下降至1.7 美元十億。 Chainaanalysis 將這一下降主要歸因於去中心化金融 (DeFi) 駭客事件的減少，從 DeFi 平台被盜的總價值下降了 63.7%。

As the cryptocurrency industry continues to evolve and expand, it is imperative that exchanges, developers, and investors prioritize security measures. The recent Binance Launchpool breach serves as a stark reminder of the need for continuous vigilance and robust cybersecurity protocols to protect the integrity of the crypto ecosystem.

隨著加密貨幣產業的不斷發展和擴張，交易所、開發商和投資者必須優先考慮安全措施。最近的幣安 Launchpool 洩漏事件清楚地提醒我們需要持續保持警惕並採用強大的網路安全協議來保護加密生態系統的完整性。