|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
最近針對以太坊的網路釣魚攻擊導致加密貨幣投資者損失了超過 18 萬美元的 USDC 和 ANDY 代幣。駭客利用受害者與智能合約的交互,將多個函數呼叫組合成一個交易,耗盡他們的餘額。這次攻擊突顯了加密貨幣產業中網路釣魚詐騙的日益盛行,光是 2 月就有超過 57,000 名用戶總共損失了 4,600 萬美元。
Cryptocurrency Investor Loses Over $180,000 in Phishing Attack Targeting Ethereum and Meme Coin
加密貨幣投資者在針對以太幣和 Meme Coin 的網路釣魚攻擊中損失超過 18 萬美元
On April 23rd, a cryptocurrency investor fell prey to a sophisticated phishing attack targeting their Ethereum (ETH) wallet, resulting in the loss of over $180,000 worth of digital assets. The incident, which unfolded over a span of just one hour, was meticulously executed by cybercriminals exploiting the victim's interactions with smart contracts.
4 月 23 日,一名加密貨幣投資者遭遇針對其以太坊 (ETH) 錢包的複雜網路釣魚攻擊,導致價值超過 18 萬美元的數位資產損失。該事件發生僅一小時,是網路犯罪分子利用受害者與智能合約的交互精心實施的。
Data obtained from the blockchain analytics firm Etherscan revealed that the attack began at 05:39 UTC and continued until 06:29 UTC. The perpetrators utilized a "multi-call phishing" technique, combining multiple function calls into a single transaction. While these calls may appear innocuous individually, their collective impact allowed the attackers to siphon funds from the victim's wallet.
從區塊鏈分析公司 Etherscan 獲得的數據顯示,攻擊於世界標準時間 05:39 開始,一直持續到世界標準時間 06:29。犯罪者利用了「多重呼叫網路釣魚」技術,將多個函數呼叫組合到一個事務中。雖然這些電話單獨看來無害,但它們的集體影響力使攻擊者能夠從受害者的錢包中竊取資金。
Transaction records indicate that the perpetrators directed outflows from the victim's address to multiple wallets under their control. Some of these wallets have been flagged as phishing entities by Etherscan. The attack resulted in the loss of over 1.6 billion ANDY tokens, a recently launched meme coin inspired by Pepe, valued at approximately $162,400, as well as 17,913 USDC, a stablecoin pegged to the US dollar.
交易記錄顯示,犯罪者將資金從受害者的地址轉移到他們控制的多個錢包。其中一些錢包已被 Etherscan 標記為網路釣魚實體。這次攻擊導致超過 16 億枚 ANDY 代幣(一種受 Pepe 啟發而最近推出的模因幣)損失,價值約 162,400 美元,以及 17,913 USDC(一種與美元掛鉤的穩定幣)。
This devastating attack effectively emptied the victim's cryptocurrency account, leaving behind a balance of just $32 worth of ETH and Arbitrum (ARB). While one of the attacker's wallets has retained the stolen funds, the second, which received all the ANDY tokens, immediately swapped them for Wrapped Ethereum (WETH) on the Uniswap decentralized exchange and transferred the WETH to a newly created address.
這次毀滅性的攻擊實際上清空了受害者的加密貨幣帳戶,只留下價值 32 美元的 ETH 和 Arbitrum (ARB) 餘額。雖然攻擊者的一個錢包保留了被盜資金,但第二個錢包收到了所有ANDY 代幣,立即在Uniswap 去中心化交易所將其兌換為Wrapped Ethereum (WETH),並將WETH 轉移到新創建的地址。
The attack most likely exploited the victim's interactions with smart contracts, which are self-executing programs stored on the blockchain. Malicious actors often create contracts that mimic legitimate decentralized finance (DeFi) operations, such as token swaps, but embed malicious code within the transactions. These embedded calls can grant the attacker the authority to transfer the user's tokens without their knowledge or consent.
這次攻擊很可能利用了受害者與智能合約的交互,智能合約是儲存在區塊鏈上的自動執行程序。惡意行為者經常創建模仿合法去中心化金融(DeFi)操作(例如代幣交換)的合約,但在交易中嵌入惡意程式碼。這些嵌入式呼叫可以授予攻擊者在用戶不知情或未經同意的情況下轉移用戶代幣的權限。
This phishing attack bears striking similarities to a previous incident reported by Crypto.news in March, where an investor lost $674,000 in USDC in a similar multi-call phishing scheme. The perpetrators swiftly funneled the stolen assets to the Ox protocol for liquidation.
這次網路釣魚攻擊與 Crypto.news 3 月報告的先前事件有著驚人的相似之處,當時一名投資者在類似的多次網路釣魚計劃中損失了 674,000 美元的 USDC。犯罪者迅速將被盜資產轉移至 Ox 協議進行清算。
The prevalence of such phishing scams is alarming, with a recent report indicating that over 57,000 cryptocurrency users lost approximately $46 million to phishing attacks in February alone. These attacks highlight the importance of vigilance and caution when interacting with smart contracts and decentralized exchanges.
這類網路釣魚詐騙的盛行令人震驚,最近的一份報告表明,光是 2 月就有超過 57,000 名加密貨幣用戶因網路釣魚攻擊而損失了約 4,600 萬美元。這些攻擊凸顯了在與智能合約和去中心化交易所互動時保持警惕和謹慎的重要性。
Investors are urged to exercise extreme caution when authorizing transactions or connecting their wallets to third-party platforms. It is crucial to thoroughly verify the authenticity of contracts and websites before granting any approvals. Additionally, utilizing hardware wallets for storing cryptocurrency and employing multi-factor authentication can provide an extra layer of protection against phishing attempts.
投資者在授權交易或將錢包連接到第三方平台時應格外謹慎。在授予任何批准之前,徹底驗證合約和網站的真實性至關重要。此外,利用硬體錢包儲存加密貨幣並採用多因素身份驗證可以提供額外的保護層,防止網路釣魚嘗試。
免責聲明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- PEPE 下跌導致加密鯨損失近 50 萬美元,RBLK 投資本可賺取 1,000 萬美元
- 2024-12-25 21:10:02
- 加密鯨魚可能有神秘的身份,但他們是像你我一樣的人類。
-
- BC.GAME 透過 BC 原生代幣空投 2 億美元獎勵忠實玩家
- 2024-12-25 21:10:02
- BC代幣分配獎勵忠實玩家,在活動期間提供獨家獎金和平台福利。
-
- 山寨幣市場觸及 4,250 億美元:這意味著什麼?
- 2024-12-25 21:10:01
- 上週,山寨幣市場觸及 4,512.8 億美元的高點,隨後穩定在 4,250 億美元以上。這是兩年多來的最高水準。
-
- 輕鏈AI(LCAI):一個具有巨大成長潛力的項目
- 2024-12-25 21:10:01
- 輕鏈人工智慧(LCAI)因其創新的生態系統和現實世界的實用性而成為一個具有巨大成長潛力的專案。
-
- 柴犬燃燒率飆漲推高價格
- 2024-12-25 21:10:01
- 在聖誕節前的 24 小時內,柴犬生態系統見證了 SHIB 燃燒活動的增加。
-
- Cardano (ADA) 和 XYZVerse (XYZ) 將在 2025 年主導加密貨幣領域
- 2024-12-25 21:05:01
- 人們越來越期待 2025 年加密貨幣領域可能會迎來一個變革時期。