大規模 DeFi 漏洞：ARB Chain 和 Hedgey Finance 的數百萬代幣被盜

加密貨幣市場最近因兩起重大事件而面臨重大損失。 ARB 鏈上的漏洞導致 4,280 萬美元的代幣被盜，這些代幣是由可疑地址精心策劃的。 Hedgey Finance 也遭遇了安全漏洞，由於被盜資金被轉換為 DAI 並轉移到外部帳戶，導致損失 190 萬美元。

Massive DeFi Breach: Attackers Siphon Millions in Tokens from ARB Chain and Hedgey Finance

大規模 DeFi 漏洞：攻擊者從 ARB Chain 和 Hedgey Finance 竊取數百萬代幣

The cryptocurrency market has been rocked by a series of high-profile hacks, demonstrating the continued vulnerabilities within the decentralized finance (DeFi) ecosystem. Two recent incidents have resulted in the theft of over $40 million worth of tokens, raising concerns about the security of blockchain-based financial systems.

加密貨幣市場受到一系列備受矚目的駭客攻擊的衝擊，這表明去中心化金融（DeFi）生態系統中仍然存在漏洞。最近發生的兩起事件導致價值超過 4000 萬美元的代幣被盜，引發了人們對基於區塊鏈的金融系統安全性的擔憂。

ARB Chain Exploitation

ARB鏈利用

Web3 security firm Cyvers has revealed that an unidentified attacker exploited a vulnerability on the ARB platform, draining $42.8 million worth of tokens. The malicious address responsible for the attack, 0xc7241e27ee4b8d32b59a10e848b48530047a8c5b, executed a series of transactions to transfer the stolen funds, including 200,000 $BONUS tokens and $110,000 to Bybit_Official.

Web3 安全公司 Cyvers 透露，一名身份不明的攻擊者利用了 ARB 平台上的漏洞，損失了價值 4,280 萬美元的代幣。發動此攻擊的惡意地址 0xc7241e27ee4b8d32b59a10e848b48530047a8c5b 執行了一系列交易來轉移被盜資金，其中包括 200,000 $BONUS 代幣和 110,000 美元至 Bybit_Offi。

The incident highlights the growing sophistication of attackers targeting DeFi protocols. The exploitation of the ARB chain demonstrates the importance of robust security measures and timely incident response mechanisms to mitigate potential losses.

該事件凸顯了針對 DeFi 協定的攻擊者的技術日益成熟。 ARB 鏈的利用證明了強大的安全措施和及時的事件回應機制對於減輕潛在損失的重要性。

Hedgey Finance Token Claim Contract Hack

Hedgey Finance 代幣索賠合約駭客攻擊

In a separate incident, Hedgey Finance's token claim contract was compromised, resulting in the theft of approximately $1.9 million. The attacker, whose funds were traced back to ChangeNOW_io, swiftly laundered the stolen tokens into DAI and transferred them to an external account.

在另一起事件中，Hedgey Finance 的代幣索賠合約遭到破壞，導致約 190 萬美元被盜。攻擊者的資金可追溯到 ChangeNOW_io，他迅速將竊取的代幣洗成 DAI，並將其轉移到外部帳戶。

The Hedgey Finance team promptly issued an alert and advised users to revoke all permissions associated with the compromised contract. The platform has initiated procedures for the cancellation of affected withdrawals and is collaborating with cybersecurity experts and auditors to investigate the nature of the attack and implement appropriate mitigation measures.

Hedgey Finance 團隊立即發出警報，並建議使用者撤銷與受損合約相關的所有權限。該平台已啟動取消受影響提款的程序，並正在與網路安全專家和審計師合作，調查攻擊的性質並實施適當的緩解措施。

DeFi Security Concerns

DeFi 安全性問題

These incidents serve as a stark reminder of the challenges facing the DeFi industry as it continues to grapple with complex online threats. The absence of centralized oversight and the interconnectedness of blockchain networks make it imperative for protocols to invest heavily in security infrastructure and adopt robust incident response plans.

這些事件清楚地提醒人們，DeFi 產業在繼續應對複雜的線上威脅時所面臨的挑戰。由於缺乏集中監管和區塊鏈網路的互連性，協議必須大力投資安全基礎設施並採用強大的事件回應計畫。

Mitigating Risks

降低風險

To mitigate the risks associated with DeFi, several measures can be taken. These include:

為了減輕與 DeFi 相關的風險，可以採取多種措施。這些包括：

• Implementing rigorous security audits by independent experts
• Enforcing strict access control and authorization mechanisms
• Utilizing multi-layered security solutions such as firewalls and intrusion detection systems
• Educating users on DeFi security best practices, such as using strong passwords and avoiding suspicious links
• Establishing clear and comprehensive incident response plans to minimize losses in the event of a breach

Conclusion

由獨立專家實施嚴格的安全審計執行嚴格的存取控制和授權機制利用防火牆和入侵檢測系統等多層安全解決方案向用戶傳授DeFi 安全最佳實踐，例如使用強密碼和避免可疑連結建立清晰全面的事件響應計劃以最大程度地減少損失如果發生違規結論

The recent hacks on ARB Chain and Hedgey Finance underscore the need for continued vigilance and collaboration within the DeFi ecosystem. By adhering to best practices, sharing information on emerging threats, and working closely with security experts, the industry can strengthen its defenses and enhance user confidence in the future of decentralized finance.

最近 ARB Chain 和 Hedgey Finance 遭受的駭客攻擊凸顯了 DeFi 生態系統內持續保持警惕和協作的必要性。透過堅持最佳實踐、分享有關新興威脅的資訊以及與安全專家密切合作，該行業可以加強防禦並增強用戶對去中心化金融未來的信心。