儘管盜竊了 3.26 億美元，但駭客仍有資格利用蟲洞漏洞獲得 5 萬美元獎勵

由於 Wormhole 的疏忽未能排除與駭客攻擊相關的錢包，價值 3.26 億美元的 Wormhole 漏洞攻擊者已經有資格索取超過 50,000 美元的 W 代幣。這項資格源自於 2022 年 2 月漏洞利用期間進行的交易，之後 Wormhole 將其代幣空投給其跨鏈訊息基礎設施的早期採用者。該事件仍然是最大的加密安全漏洞之一，利用該漏洞鑄造了 120,000 個蟲洞以太幣 (whETH)。

Wormhole Exploitation: Hacker Eligible to Claim over $50,000 in Rewards

蟲洞利用：駭客有資格獲得超過 50,000 美元的獎勵

April 4, 2023 - The perpetrator behind the notorious $326 million exploit on the Wormhole cross-chain bridge has unexpectedly become eligible to claim over $50,000 worth of W tokens. This revelation has sparked concerns about the integrity of the Wormhole airdrop and raised questions about the project's security measures.

2023 年 4 月 4 日——蟲洞跨鏈橋臭名昭著的 3.26 億美元漏洞背後的肇事者出人意料地有資格領取價值超過 50,000 美元的 W 代幣。這項消息引發了人們對蟲洞空投完整性的擔憂，並引發了對該計畫安全措施的質疑。

According to a report by Degen News, the hacker's eligibility stems from transactions made using four wallets during the February 2022 exploit. These transactions qualified the perpetrator for 31,000 W tokens, a substantial portion of the 617 million tokens airdropped to early adopters.

根據 Degen News 報道，駭客的資格源於 2022 年 2 月漏洞利用期間使用四個錢包進行的交易。這些交易使犯罪者有資格獲得 31,000 W 代幣，這是空投給早期採用者的 6.17 億代幣中的很大一部分。

The eligibility issue was discovered on April 3 by Pland, another Degen News user, after Wormhole inadvertently failed to exclude the wallets linked to the hack. The airdrop was conducted on the same day, distributing tokens to individuals who had interacted with Wormhole's cross-chain messaging protocol.

4 月 3 日，另一位 Degen News 用戶 Pland 發現了這個資格問題，此前 Wormhole 無意中未能排除與駭客攻擊有關的錢包。空投在同一天進行，將代幣分發給與 Wormhole 跨鏈訊息協議互動的個人。

Rekt News, a prominent security-focused outlet, has highlighted the Wormhole incident as the fifth largest crypto theft in history. The hacker bypassed the project's smart contract to mint 120,000 Wormhole Ether (whETH) on February 2, 2022.

Rekt News 是一家著名的安全媒體，它強調蟲洞事件是史上第五大加密貨幣竊盜事件。駭客繞過該專案的智慧合約，於 2022 年 2 月 2 日鑄造了 120,000 個蟲洞以太幣（whETH）。

The exploit prompted the perpetrator to transfer 93,750 Ether back to the Ethereum network and liquidate their remaining holdings on Solana into USD Coin (USDC) and SOL. However, the entire loss was covered by Wormhole's backer, Jump Crypto, the following day.

該漏洞促使犯罪者將 93,750 以太幣轉移回以太坊網絡，並將其在 Solana 上的剩餘資產清算為美元硬幣 (USDC) 和 SOL。然而，第二天，Wormhole 的支持者 Jump Crypto 就彌補了全部損失。

The revelation of the hacker's eligibility for rewards has cast a shadow over Wormhole's airdrop. Critics have argued that excluding the hacker's wallets should have been a priority for the team, as it would have prevented the distribution of tokens to a known malicious actor.

駭客獲得獎勵資格的曝光給蟲洞的空投蒙上了陰影。批評者認為，排除駭客的錢包應該是該團隊的首要任務，因為這可以防止將代幣分發給已知的惡意行為者。

The incident has also reignited concerns about Wormhole's security protocols. The fact that the hacker was able to bypass the project's smart contract has raised questions about the robustness of the code and the project's overall security posture.

這起事件也重新引發了人們對 Wormhole 安全協議的擔憂。駭客能夠繞過該專案的智慧合約這一事實引發了人們對程式碼的穩健性和專案整體安全狀況的質疑。

Wormhole has yet to comment on the situation or provide an explanation for the failure to exclude the hacker's wallets from the airdrop. The project's team is expected to issue a statement in the coming days to address the public's concerns and provide further details on the eligibility criteria.

Wormhole 尚未對此事發表評論，也沒有對未能將駭客的錢包排除在空投之外提供解釋。該專案團隊預計將在未來幾天發布一份聲明，以解決公眾的擔憂，並提供有關資格標準的更多細節。