數百萬美元損失：對沖基金遭受重大漏洞打擊

由於代幣索賠合約中的錯誤，鏈上代幣基礎設施提供商 Hedgey Finance 遭受了兩項重大攻擊。以太坊鏈的第一次攻擊導致 190 萬美元被盜，而對 Arbitrum 網路的第二次攻擊導致 4,280 萬美元損失。 Hedgey Finance 證實了這些事件並正在進行調查，並建議用戶撤銷代幣領取權限。

Hedgey Finance Suffers Multi-Million Dollar Exploit Due to Contract Vulnerability

由於合約漏洞，對沖金融遭受數百萬美元的利用

On April 19, on-chain token infrastructure provider Hedgey Finance fell victim to a pair of exploits that exploited a bug in its token claims contract. The attacks, perpetrated on both the Ethereum (ETH) and Arbitrum (ARB) blockchains, resulted in the theft of millions of dollars in cryptocurrency.

4 月 19 日，鏈上代幣基礎設施提供商 Hedgey Finance 成為兩個漏洞的受害者，這些漏洞利用了其代幣索賠合約中的一個錯誤。這些攻擊針對以太坊 (ETH) 和 Arbitrum (ARB) 區塊鏈，導致數百萬美元的加密貨幣被盜。

Cybersecurity firm Cyvers first detected the initial attack on ETH's blockchain, where attackers made off with approximately $1.9 million. On-chain analytics revealed that the attackers' address had been funded through cryptocurrency exchange ChangeNOW, and the stolen funds were subsequently swapped into Maker's stablecoin DAI.

網路安全公司 Cyvers 首先偵測到針對 ETH 區塊鏈的初始攻擊，攻擊者竊取了大約 190 萬美元。鏈上分析顯示，攻擊者的地址是透過加密貨幣交易所 ChangeNOW 獲得資金的，而被盜資金隨後被兌換成 Maker 的穩定幣 DAI。

Hedgey Finance acknowledged the incident in a statement, confirming an ongoing investigation and urging users to revoke token claim permissions. The protocol allows for the creation of options markets for digital assets, enabling users to trade calls and puts on cryptocurrencies on EVM-compatible chains.

Hedgey Finance 在一份聲明中承認了這一事件，確認正在進行的調查並敦促用戶撤銷代幣領取權限。該協議允許創建數位資產選擇權市場，使用戶能夠在 EVM 相容鏈上交易看漲期權和押注加密貨幣。

Shortly after the first attack, Cyvers reported a second on the ARB network, where hackers siphoned $42.8 million. Proceeds from both attacks were transferred to Bybit. Both attacks utilized the same vulnerability in Hedgey Finance's token claims contract.

第一次攻擊發生後不久，Cyvers 報告了 ARB 網路上的第二次攻擊，駭客竊取了 4,280 萬美元。兩次攻擊的收益均轉移至 Bybit。這兩次攻擊都利用了 Hedgey Finance 代幣索賠合約中的相同漏洞。

The exploits highlight concerns raised by security experts regarding the need for DeFi protocols to prioritize safeguarding measures. As cryptocurrency gains mainstream adoption, on-chain security remains a critical issue for both established and emerging players in the industry.

這些漏洞凸顯了安全專家對 DeFi 協定需要優先考慮保護措施的擔憂。隨著加密貨幣獲得主流採用，鏈上安全對於該行業的老牌和新興參與者來說仍然是一個關鍵問題。

However, it's worth noting that statistics indicate a potential decline in hacks. According to Peckshield, crypto exploits have decreased by 50% in recent months, leading to reduced losses for investors. White hat experts have also established a help desk to facilitate real-time reporting of hacks and disseminate information on exploit strategies.

然而，值得注意的是，統計數據表明駭客攻擊可能會減少。 Peckshield 表示，近幾個月來，加密貨幣漏洞利用減少了 50%，從而減少了投資者的損失。白帽專家還建立了一個幫助台，以促進即時報告駭客行為並傳播有關漏洞利用策略的資訊。