Infini由於保留的管理員訪問而遭受了4900萬美元的違規，被盜的資金交換為DAI，轉換為ETH，安全問題上升

以加密貨幣為中心的新牛現在遭受了嚴重的安全漏洞。數據顯示，攻擊者利用其保留的行政訪問權限，可竊取4,900萬美元。

A crypto-focused neobank named Infini has fallen victim to a large-scale security breach, as per recent reports. The breach was made possible by an attacker who managed to retain administrative access after working on Infini's development as an external contractor. This breach resulted in the theft of funds valued at $49 million, which were then converted into DAI before being exchanged for Ethereum (ETH).

根據最近的報導，一個以加密貨幣為中心的Neobank被稱為Infini的新庫庫遭受了大規模安全漏洞的受害者。攻擊者使違規行為成為可能，後者在Infini作為外部承包商的發展工作後設法保留了行政訪問。這一違規行為導致盜竊價值4,900萬美元的資金，然後將其轉換為Dai，然後被換成以太坊（ETH）。

Cyvers Alerts has pinpointed an internal system vulnerability as the primary cause of this financial breach. The perpetrator in question had worked on Infini's development as an external contractor prior to the attack. Upon completing their work on the project, they surreptitiously maintained their administrator rights. Later on, they used this unauthorized access to target the system.

Cyvers Alerts已將內部系統漏洞確定為這種財務違規的主要原因。有問題的肇事者在襲擊之前一直在Infini作為外部承包商的發展。完成該項目的工作後，他們秘密地維護了其管理員權利。稍後，他們使用了針對系統的未經授權的訪問。

The attacker's preparations for the attack spanned over 100 days before its successful execution. They initiated the transaction by utilizing TornadoCash as their payment gateway, a privacy tool designed to conceal their identity. Following the initial ETH transaction, a small withdrawal was made to cover gas fees. Finally, the hackers employed the contract to pilfer all remaining funds within Infini's system, completing the breach.

攻擊者對襲擊的準備工作在成功執行之前已經跨越了100天。他們通過利用Tornadocash作為支付網關來啟動交易，這是一種旨在隱藏其身份的隱私工具。最初的ETH交易之後，進行了少量戒斷以支付汽油費。最後，黑客僱用了合同來竊取Infini系統中的所有剩餘資金，完成了違約。

This security breach incident has brought expanding security concerns to the forefront of the cryptocurrency industry. The problem of insider threats remains a significant danger to platforms that utilize smart contracts. Even organizations with deep industry knowledge can become vulnerable to such attacks if they lack proper access control systems in place. The cryptocurrency industry as a whole requires more frequent security assessments and enhanced developer permission tracking.

這一安全違規事件使加密貨幣行業的最前沿使安全問題擴大。內幕威脅的問題仍然對利用智能合約的平台構成了重大危險。如果具有深厚行業知識的組織，如果他們缺乏適當的訪問控制系統，也可能會容易受到此類攻擊的影響。整個加密貨幣行業需要更頻繁的安全評估和增強的開發人員許可跟踪。

The Infini breach is just one episode in a series of recent security breaches. On February 21, Bybit, a leading cryptocurrency exchange, was hit by a $1.4 billion hack. The hack, which occurred just days before the Infini breach, was the largest cryptocurrency exchange theft on record. The Infini breach adds to the growing number of security incidents targeting the crypto domain.

在最近的一系列安全漏洞中，Infini違規只是一集。 2月21日，領先的加密貨幣交易所Bybit被14億美元的黑客襲擊。該黑客發生在Infini違規前幾天，是有記錄以來最大的加密貨幣交換盜竊案。 Infini違規增加了針對加密型域的越來越多的安全事件。

As the market grows, companies are being forced to adopt stronger security measures. Multiple security measures, such as scheduled evaluations, dual authorizations, and increased supervision, will help prevent further incidents from occurring. Investors and users alike should be aware of these risks and choose crypto solutions that prioritize robust security platforms.

隨著市場的增長，公司被迫採取更強大的安全措施。多種安全措施，例如預定的評估，雙重授權和增加的監督，將有助於防止發生進一步的事件。投資者和用戶都應意識到這些風險，並選擇優先考慮強大安全平台的加密解決方案。