2024年8月多次網路釣魚攻擊和未經授權的轉帳導致加密貨幣產業遭受重大損失

最大的駭客攻擊涉及一頭鯨魚被釣魚，損失了 4,064 個比特幣，損失總計 2.38 億美元。其他值得注意的駭客攻擊包括價值 5540 萬美元的 Dai 穩定幣盜竊案和價值 1000 萬美元的 Ronin Network 漏洞。

August 2024 was a rough month for the cryptocurrency industry, with multiple major hacks leading to significant losses. According to the latest report by blockchain security firm Peckshield, the total losses amounted to $313.86 million.

2024 年 8 月對加密貨幣產業來說是艱難的一個月，多次重大駭客攻擊導致重大損失。根據區塊鏈安全公司 Peckshield 的最新報告，總損失達 3.1386 億美元。

The five most common types of hacks were largely rooted in phishing and unauthorized transfers, exposing some of the biggest weaknesses in the crypto market. Here's a closer look at each incident:

五種最常見的駭客類型主要源於網路釣魚和未經授權的傳輸，暴露了加密貨幣市場的一些最大弱點。以下是對每個事件的詳細分析：

Phishing Attacks Dominate the Month

網路釣魚攻擊在本月佔據主導地位

The largest hack of August occurred on the 19th, when a whale fell victim to a phishing attack, resulting in the theft of 4,064 Bitcoin, valued at approximately $238 million at the time of the incident. The stolen funds were quickly moved across various platforms, including THORChain, KuCoin, and Railgun, making recovery efforts nearly impossible.

8 月最大的駭客攻擊發生在 19 日，一頭鯨魚遭遇網路釣魚攻擊，造成 4,064 個比特幣被盜，事件發生時價值約 2.38 億美元。被竊資金迅速在各種平台上轉移，包括 THORChain、KuCoin 和 Railgun，使得追回工作幾乎不可能。

This massive breach accounted for 76% of the total losses for the month, highlighting the persistent threat of phishing attacks in the crypto world.

這次大規模洩密事件佔當月總損失的 76%，凸顯了加密世界中網路釣魚攻擊的持續威脅。

Dai Stablecoin Theft: A Multi-Million Dollar Scam

Dai 穩定幣失竊：價值數百萬美元的騙局

Another notable incident involved the theft of $55.4 million in Dai stablecoins through a phishing attack. The stolen 1,400 ETH were initially held in the Maker DeFi protocol before being exchanged for Ethereum and subsequently embezzled. The swift and well-coordinated nature of this attack left little chance for asset recovery.

另一個值得注意的事件是透過網路釣魚攻擊竊取價值 5540 萬美元的 Dai 穩定幣。被盜的 1,400 個 ETH 最初存放在 Maker DeFi 協議中，然後兌換成以太坊，隨後被盜用。這次襲擊行動迅速且協調良好，幾乎沒有追回資產的機會。

Ronin Network Hit Again: Ethical Hackers to the Rescue

Ronin Network 再次遭遇打擊：道德駭客出手救援

On 6th August, the Ronin Network, which was previously compromised in 2022, experienced another cyber attack. However, this time, whitehat hackers used the Maximum Extractable Value (MEV) bug to work out to withdraw 4,000 ETH, which is $10 million.

8月6日，曾於2022年被攻破的Ronin Network再次遭遇網路攻擊。然而，這一次，白帽駭客利用最大可提取價值（MEV）漏洞計算出提取了 4,000 ETH，即 1000 萬美元。

Interestingly, the ethical hackers used the bug to return the funds used to conduct the hack to the Ronin developers, who paid a bounty in the amount of half a million dollars. This incident serves as a reminder of the valuable role that ethical hackers can play in enhancing the security of crypto platforms.

有趣的是，道德駭客利用該漏洞將用於進行駭客攻擊的資金返還給 Ronin 開發者，後者支付了 50 萬美元的賞金。這事件提醒人們，道德駭客在增強加密貨幣平台的安全性方面可以發揮重要作用。

Unauthorized Transfer: $5.1 Million Stolen

未經授權轉移：510 萬美元被盜

Another noteworthy incident involved an unauthorized transfer, which resulted in a forgery loss of $5.1 million. While less severe than the other hacks, this incident adds to the growing need for improved security measures within the crypto industry.

另一個值得注意的事件涉及未經授權的轉讓，導致 510 萬美元的偽造損失。雖然這一事件的嚴重性不如其他駭客事件，但這一事件增加了加密行業內對改進安全措施的日益增長的需求。

Nexera Exploit: Social Engineering Leads to $1. 83 Million Theft

Nexera 利用：社會工程導致 1 美元。 8300萬竊盜案

Finally, Nexera suffered a $1. 83 million loss after falling prey to an elaborate social engineering scam. Through a reputation-phishing attack, the attackers managed to trick an employee of Nexera into downloading what they claimed was a job offer contract. However, upon downloading the file, they discovered that it was concealed malware, which ultimately stole their private keys.

最終，Nexera 遭遇了 1 美元的損失。陷入精心設計的社會工程騙局後損失 8300 萬美元。透過聲譽網路釣魚攻擊，攻擊者成功誘騙 Nexera 的一名員工下載他們聲稱的工作邀請合約。然而，在下載該檔案後，他們發現它是隱藏的惡意軟體，最終竊取了他們的私鑰。

This incident highlights the importance of employing advanced protection methods, such as multi-signature wallets, to safeguard valuable assets in the cryptocurrency domain.

這事件凸顯了採用多重簽名錢包等先進保護方法來保護加密貨幣領域有價值資產的重要性。

These cases serve as a stark reminder of the urgent need for constant enhancement of security measures and awareness among cryptos’ users and related firms to avoid getting hacked. As the cryptocurrency industry continues to evolve, it remains to be seen whether we will witness an improvement in crypto security in the months ahead.

這些案例強烈提醒人們，迫切需要不斷加強加密貨幣用戶和相關公司的安全措施和意識，以避免被駭客攻擊。隨著加密貨幣產業的不斷發展，未來幾個月我們是否會見證加密貨幣安全性的改善還有待觀察。