bitcoin
bitcoin

$99315.158694 USD

6.21%

ethereum
ethereum

$3535.023170 USD

5.96%

tether
tether

$0.999473 USD

0.06%

xrp
xrp

$2.344270 USD

7.72%

bnb
bnb

$697.979535 USD

2.29%

solana
solana

$197.914579 USD

6.64%

dogecoin
dogecoin

$0.337420 USD

8.02%

usd-coin
usd-coin

$0.999983 USD

-0.02%

cardano
cardano

$0.943789 USD

6.81%

tron
tron

$0.258371 USD

3.26%

avalanche
avalanche

$41.575931 USD

12.39%

chainlink
chainlink

$24.978819 USD

10.11%

toncoin
toncoin

$5.818459 USD

5.84%

shiba-inu
shiba-inu

$0.000023 USD

6.98%

sui
sui

$4.682562 USD

9.06%

加密貨幣新聞文章

Hyperliquid 否認遭到北韓 Lazarus 集團的駭客攻擊,儘管鏈上數據顯示有大規模資金撤回的證據

2024/12/24 08:53

今天,有關北韓駭客攻擊的謠言不斷流傳,導致用戶從該平台撤回 6,000 萬美元。

Hyperliquid 否認遭到北韓 Lazarus 集團的駭客攻擊,儘管鏈上數據顯示有大規模資金撤回的證據

Hyperliquid, a decentralized exchange (DEX), has denied rumors of a hack by North Korea's Lazarus Group, despite on-chain data showing large-scale fund withdrawals from suspicious wallet addresses linked to the group.

去中心化交易所(DEX)Hyperliquid 否認了有關朝鮮 Lazarus 集團遭到駭客攻擊的傳言,儘管鏈上數據顯示,有大量資金從與該集團相關的可疑錢包地址中提取。

On December 23, several North Korea-linked wallet addresses reportedly deposited and withdrew substantial amounts of ETH from Hyperliquid, according to on-chain data analysis.

根據鏈上數據分析,12 月 23 日,據報道,幾個與北韓相關的錢包位址從 Hyperliquid 存入和提取了大量 ETH。

This activity has sparked speculation among members of the crypto community, who are closely monitoring the situation and awaiting official statements from the exchange and relevant authorities.

這項活動引發了加密貨幣社群成員的猜測,他們正在密切關注事態發展,並等待交易所和有關當局的官方聲明。

Meanwhile, Taylor Monahan, a security expert at Metamask, has expressed concern over the lack of clear signs of user fund manipulation by the hackers. According to Monahan, the hackers may have already breached Hyperliquid's security without directly interfering with user funds.

與此同時,Metamask 安全專家泰勒·莫納漢 (Taylor Monahan) 對缺乏駭客操縱用戶資金的明顯跡象表示擔憂。莫納漢表示,駭客可能已經在沒有直接幹擾用戶資金的情況下破壞了 Hyperliquid 的安全性。

“The hackers do not need to touch any user funds to pwn the platform. Any party that is able to do a full technical audit of the platform will be able to identify clear vulnerabilities in the code or architecture of the platform. These should then be shared with the platform team for them to fix,” stated Monahan.

「駭客不需要動用任何用戶資金就可以攻擊該平台。任何能夠對平台進行全面技術審核的一方都將能夠識別平台程式碼或架構中的明顯漏洞。然後應將這些問題與平台團隊共享,以便他們進行修復。

Hyperliquid yet to Address Lazarus Accusations Publicly

Hyperliquid 尚未公開回應拉撒路的指控

Rumors of the Lazarus Group targeting Hyperliquid began circulating today, prompting many users to withdraw around $60 million from the platform.

有關 Lazarus 集團針對 Hyperliquid 的謠言今天開始流傳,促使許多用戶從該平台提取了約 6,000 萬美元。

As these rumors spread, the exchange's HYPE token was already experiencing a decline, leading official accounts to attempt damage control through Discord messages.

隨著這些謠言的傳播,該交易所的 HYPE 代幣已經出現下跌,導致官方帳號試圖透過 Discord 訊息來控制損害。

“There has been no DPRK exploit- or any exploit for that matter- of Hyperliquid. All user funds are acounted for. Hyperliquid Labs takes OpSec seriously. No Vulnerabilities have been shared by any party. To be clear, there was never any allegation of any exploit on Hyperliquid,” posted one of the platform's executives on Discord.

「北韓沒有利用過 Hyperliquid,也不存在任何與此相關的利用。所有用戶資金已入帳。 Hyperliquid Labs 非常重視 OpSec。任何一方均未共享任何漏洞。需要明確的是,從來沒有任何針對 Hyperliquid 的任何利用的指控,」該平台的一位高層在 Discord 上發文表示。

While the platform executives are denying any Lazarus Group involvement and claiming that all user funds are accounted for, Hyperliquid has yet to make any public statements or announcements to address the accusations.

儘管平台高層否認 Lazarus Group 參與其中,並聲稱所有用戶資金均已入賬,但 Hyperliquid 尚未發表任何公開聲明或公告來回應這些指控。

On the other hand, the on-chain data analysis reveals that Lazarus-linked accounts did indeed deposit $476,489 in ETH tokens onto Hyperliquid before subsequently withdrawing them.

另一方面,鏈上數據分析顯示,Lazarus 關聯帳戶確實將 476,489 美元的 ETH 代幣存入 Hyperliquid,然後再提取。

While these movements alone may not definitively indicate an exploit, the large volume of outflow from suspicious wallet addresses in a single day is certainly raising eyebrows.

雖然這些動作本身可能並不能明確表明存在漏洞,但可疑錢包地址在一天之內的大量流出無疑令人震驚。

However, MetaMask security expert Taylor Monahan is urging greater caution. Given the crypto industry's familiarity with the severity of any incident linked to the infamous Lazarus Group, Hyperliquid should be taking its threats very seriously, according to the security expert

然而,MetaMask 安全專家泰勒·莫納漢 (Taylor Monahan) 敦促大家更加謹慎。安全專家表示,鑑於加密產業對與臭名昭著的拉撒路集團有關的任何事件的嚴重性都很熟悉,Hyperliquid 應該非常認真地對待其威脅

“I am quite concerned that you guys are at increased risk due to the fact that we know that these specific threat actors are now intimately familiar with your platform. I really want to emphasize that these are the most sophisticated and rapidly evolving of all the DPRK threat groups. They are very creative and persistent,” claimed Monahan.

「我非常擔心你們面臨的風險會增加,因為我們知道這些特定的威脅行為者現在非常熟悉你們的平台。我真的想強調,這些組織是所有北韓威脅組織中最複雜、發展最快的。他們非常有創造力並且堅持不懈。

Monahan went on to state that the exchange's evasive and defiant attitude is a very worrying sign. Even if Lazarus hasn't disturbed any of the funds on Hyperliquid, it may have already penetrated its security.

莫納漢接著表示,交易所的迴避和挑釁態度是一個非常令人擔憂的跡象。即使 Lazarus 沒有擾亂 Hyperliquid 上的任何資金,它也可能已經滲透了其安全性。

The Metamask security expert also highlighted that the firm has no more than 4 validators, all of which run the same code, and an unknown number of higher-ups who can bypass key security vulnerabilities.

Metamask 安全專家也強調,該公司擁有不超過 4 個驗證器,所有驗證器都運行相同的程式碼,並且有數量未知的可以繞過關鍵安全漏洞的高層。

“In short, if any of the founders, executives, or engineers use the same devices to access the same systems, then one malware link could unravel the whole operation. Lateral movement is one of the key strategies of North Korean hackers, where they leverage multiple access points to move through a network. So, if one high-level person's private device gets compromised, a major hack becomes inevitable. But, as of now, Hyperliquid does not seem stressed about these accusations.

「簡而言之,如果任何創辦人、高階主管或工程師使用相同的裝置存取相同的系統,那麼一個惡意軟體連結就可能破壞整個操作。橫向移動是北韓駭客的關鍵策略之一,他們利用多個接入點在網路中移動。因此,如果一位高層人員的私人設備受到損害,重大駭客攻擊就不可避免。但截至目前,Hyperliquid 似乎並未對這些指控感到壓力。

新聞來源:beincrypto.com

免責聲明:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

2024年12月25日 其他文章發表於