四。在三明治攻擊後恢復運營，耗資120,000美元

基於BNB連鎖的Memecoin發射平台在遭受三明治攻擊後恢復了其運營，估計損失了120,000美元。

Four.Meme, a BNB Chain-based memecoin launch platform, has reportedly restored its operations after suffering a sandwich attack that resulted in an estimated $120,000 loss.

據報導，Forth.meme是一家基於BNB連鎖的Memecoin發射平台，據報導，遭受了三明治攻擊後恢復了其運營，估計損失了120,000美元。

On March 18, Four.Meme announced on X that its launch function was back online following a security review. The platform had temporarily suspended the function earlier in the day to investigate what it described as being “under attack.”

3月18日，有四人在X上宣布，在安全審查後，其啟動功能又在線返回。該平台在當天早些時候暫時暫停了該功能，以調查其所描述的“受到攻擊”。

“The launch function has now been resumed after a thorough security inspection. Our team has addressed the issue and reinforced system security. Compensation for affected users is underway,” the Four.Meme team stated.

“我們的團隊已經解決了該問題，並為受影響的用戶提供了補償。

The post added that the platform was cooperating fully with relevant parties to identify and mitigate any risks involved.

該帖子補充說，該平台正在與相關方充分合作，以識別和減輕所涉及的任何風險。

However, Web3 security firm ExVul identified the exploit as a sandwich attack, a market manipulation tactic where an attacker attempts to execute trades immediately before and after another user’s transaction to inflate trading costs.

但是，Web3安全公司Exvul確定了漏洞攻擊是一種三明治攻擊，這是一種市場操縱策略，攻擊者試圖在另一位用戶交易前後立即執行交易以使交易成本膨脹。

According to ExVul, the attacker pre-calculated an address to create a liquidity pool’s trading pair and then leveraged one of Four.Meme’s functions to purchase tokens—bypassing the platform’s built-in token transfer restrictions.

根據Exvul的說法，攻擊者預先計算了一個地址，以創建流動性池的交易對，然後利用四個。Meme可以購買令牌的功能，這是該平台內置的代幣傳輸限制。

“The hacker lay in wait for Four.Meme to add liquidity to the transaction, ultimately siphoning off the funds,” ExVul explained.

Exvul解釋說：“黑客在等待四分之一。

A Deep Dive Into The Attack

深入研究攻擊

Meanwhile, blockchain security firm CertiK arrived at a similar conclusion, noting that the attacker manipulated the launch process by transferring an imbalanced number of unlaunched tokens to designated liquidity pair addresses.

同時，區塊鏈安全公司Certik得出了類似的結論，並指出，攻擊者通過將不平衡的未扣除令牌傳輸到指定的流動性對地址來操縱發射過程。

Once the token was officially launched, the attacker inflated the price and sold the tokens at a profit.

令牌正式推出後，攻擊者會誇大價格並以獲利的價格出售令牌。

One example cited was the SBL token, where the attacker sent a small amount of SBL to the pre-calculated pair address and then profited 21.1 BNB by sandwiching the liquidity-adding transaction at launch.

引用的一個例子是SBL令牌，攻擊者在該攻擊者中將少量的SBL發送給預定的對地址，然後通過夾在發射時將流動性添加的交易夾住，從而獲利了21.1 BNB。

This marks the second exploit on Four.Meme in just over a month. On February 11, the platform suffered a separate attack that led to losses of $183,000 worth of digital assets.

這標誌著第二個漏洞的四個月。 2月11日，該平台遭受了另一種攻擊，導致價值183,000美元的數字資產損失。

The incident comes amid a broader wave of crypto-related exploits. In February alone, cybercriminals stole $1.53 billion through scams and hacks, with the $1.4 billion Bybit exploit accounting for most of the losses.

該事件發生在更廣泛的加密相關漏洞中。僅在2月，網絡犯罪分子通過騙局和黑客偷走了15.3億美元，其中大部分損失的14億美元bybit利用會計。

According to Chainalysis, crypto crime is becoming more sophisticated, with AI-driven scams, stablecoin laundering, and coordinated cyber syndicates contributing to a $51 billion illicit transaction volume over the past year.

根據鏈分析，加密犯罪越來越複雜，在過去的一年中，AI驅動的騙局，穩定的洗錢和協調的網絡集團造成了51億美元的非法交易量。