Hedgefinance 在雙重網路攻擊中損失 4,400 萬美元

DeFi 平台 Hedgey Finance 遭遇 Arbitrum 和以太坊兩次攻擊，造成 4,400 萬美元損失。對 Arbitrum 的第一次攻擊導致價值 4,280 萬美元的 ARB 代幣被盜，而對以太坊的第二次攻擊則導致價值 190 萬美元的 ARB 代幣被盜。網路安全公司 Cyvers Alerts 就最初的攻擊向用戶和 Hedgey Finance 團隊發出了警報。

Hedgey Finance Suffers Double Attack, Resulting in $44 Million Loss

對沖金融遭遇雙重攻擊，損失4400萬美元

Hedgey Finance, a decentralized finance (DeFi) platform, has fallen victim to two separate attacks in the early hours of Friday, leading to the loss of approximately $44 million worth of cryptocurrency.

去中心化金融 (DeFi) 平台 Hedgey Finance 在周五凌晨遭受了兩次獨立攻擊，導致價值約 4,400 萬美元的加密貨幣損失。

Arbitrum Attack

任意攻擊

The first attack occurred on the Arbitrum blockchain, where malicious actors exploited a vulnerability to drain $42.8 million worth of ARB tokens from Hedgey Finance's smart contracts. This substantial theft was detected and reported by Cyvers Alerts, a leading cybersecurity firm.

第一次攻擊發生在 Arbitrum 區塊鏈上，惡意行為者利用漏洞從 Hedgey Finance 的智慧合約中竊取了價值 4,280 萬美元的 ARB 代幣。這起重大盜竊事件是由領先的網路安全公司 Cyvers Alerts 發現並報告的。

Ethereum Attack

以太坊攻擊

Approximately two hours later, a second attack targeted Hedgey Finance on the Ethereum blockchain. This time, attackers siphoned off $1.9 million worth of Ethereum (ETH), which was subsequently converted into Dai, a stable cryptocurrency pegged to the value of the US dollar.

大約兩個小時後，第二次攻擊針對以太坊區塊鏈上的 Hedgey Finance。這次，攻擊者竊取了價值 190 萬美元的以太幣 (ETH)，隨後將其兌換成與美元價值掛鉤的穩定加密貨幣 Dai。

Initial Response

初步反應

Cyvers Alerts promptly alerted Hedgey Finance and the broader DeFi community about the initial attack, prompting the platform's team to initiate an investigation. Within hours, Hedgey Finance issued a security alert, urging users to cancel any active token claims on its platform.

Cyvers Alerts 立即就最初的攻擊向 Hedgey Finance 和更廣泛的 DeFi 社群發出警報，促使該平台團隊啟動調查。在幾個小時內，Hedgey Finance 發布了安全警報，敦促用戶取消其平台上任何活躍的代幣認領。

Affected Protocols

受影響的協議

Several DeFi protocols were impacted by the attack, including Noble Blocks, a Decentralized Science (DeSci) project that had a vesting contract with Hedgey Finance. Vesting contracts are utilized to gradually release tokens over a predetermined period.

多個 DeFi 協議受到此次攻擊的影響，其中包括 Noble Blocks，這是一個與 Hedgey Finance 簽訂了歸屬合約的去中心化科學 (DeSci) 專案。歸屬合約用於在預定期限內逐步釋放代幣。

Potential Vulnerability

潛在的漏洞

Blockchain sleuths have speculated that the Ethereum-based attack may have been facilitated by a single line of code. However, the Hedgey Finance team has not yet officially confirmed this theory.

區塊鏈偵探推測，基於以太坊的攻擊可能是由一行程式碼促成的。不過，Hedgey Finance團隊尚未正式證實這項理論。

Ongoing Investigation

正在進行的調查

At the time of writing, Hedgey Finance has not provided any further updates on the situation. The platform's team is actively investigating the attacks to determine the exact cause and implement measures to prevent similar incidents in the future.

截至撰寫本文時，對沖基金尚未提供有關情況的任何進一步更新。該平台的團隊正在積極調查這些攻擊，以確定確切原因並採取措施防止將來發生類似事件。

DeFi Security Concerns

DeFi 安全性問題

The Hedgey Finance attack highlights the ongoing security challenges within the DeFi ecosystem. Smart contract vulnerabilities and malicious actors pose significant risks to users and platforms alike. As the DeFi industry continues to grow and evolve, it is crucial for stakeholders to prioritize security measures and auditing protocols to mitigate vulnerabilities and protect user funds.

Hedgey Finance 攻擊凸顯了 DeFi 生態系統中持續存在的安全挑戰。智慧合約漏洞和惡意行為者對使用者和平台帶來重大風險。隨著 DeFi 產業的不斷發展和發展，利害關係人優先考慮安全措施和審計協議以減少漏洞並保護用戶資金至關重要。