PancakeBunny：DeFi 世界創新與脆弱性的警世故事

在動盪的去中心化金融 (DeFi) 世界中，PancakeBunny 的傳奇故事清楚地提醒我們創新和脆弱性。

DeFi protocol PancakeBunny was once a shining star in the Binance Smart Chain firmament, offering users a convenient way to maximize their yields. But like Icarus flying too close to the sun, PancakeBunny's hubris led to a spectacular downfall.

DeFi 協議 PancakeBunny 曾經是幣安智能鏈天空中一顆閃亮的明星，為用戶提供了最大化收益的便捷方式。但就像伊卡洛斯飛得離太陽太近一樣，PancakeBunny 的傲慢也導致了巨大的失敗。

In May 2021, a flash loan attack struck the protocol with devastating force. The attackers made off with a massive loot of around 697,000 BUNNY and 114,000 BNB, dealing a crushing blow to the value of BUNNY tokens, which plummeted by an astonishing 95%.

2021 年 5 月，閃電貸攻擊對該協議造成了毀滅性的打擊。攻擊者搶走了約 697,000 個 BUNNY 和 114,000 個 BNB 的大量贓物，對 BUNNY 代幣的價值造成了毀滅性打擊，暴跌了驚人的 95%。

Despite valiant efforts to salvage the situation, PancakeBunny ultimately disbanded, transforming into a decentralized autonomous organization (DAO). But the story was far from over.

儘管做出了勇敢的努力來挽救局勢，PancakeBunny 最終解散，轉變為一個去中心化的自治組織（DAO）。但故事還遠遠沒有結束。

Three years later, on July 7, 2024, a startling development occurred: funds linked to the original hack were finally on the move again.

三年後，在 2024 年 7 月 7 日，發生了令人震驚的事態發展：與原始駭客攻擊相關的資金終於再次流動。

A wallet address associated with the attack moved 1,002 Ether (ETH) — valued at over $3 million — through the privacy protocol Tornado Cash, in an attempt to conceal the origins of the transaction.

與此攻擊相關的一個錢包地址透過隱私協議 Tornado Cash 轉移了 1,002 以太幣 (ETH)，價值超過 300 萬美元，試圖隱藏交易的來源。

"On Sunday the @PancakeBunnyFin exploiter deposited 1002 ETH (~$2.9m) into @TornadoCash via 0xd0f2259e0bd71e849143bbc07f4e427bb6f7756b

「週日，@PancakeBunnyFin 漏洞利用者透過 0xd0f2259e0bd71e849143bbc07f4e427bb6f7756b 將 1002 ETH（約 290 萬美元）存入@TornadoCash

Bunny Finance was exploited for ~$45m in May 2021

Bunny Finance 於 2021 年 5 月被利用約 4,500 萬美元

The exploiter still holds $11.4m DAI in 0x820C👇"

漏洞利用者在 0x820C 中仍持有 1140 萬美元的 DAI 👇”

CertiK, a blockchain security firm that's played a pivotal role in investigating and preventing such incidents, reported that the hacker still holds a substantial $11.4 million in DAI.

區塊鏈安全公司 CertiK 在調查和防止此類事件中發揮了關鍵作用，該公司報告稱，駭客仍持有價值 1,140 萬美元的 DAI。

This incident serves as a stark reminder of the profound impact that DeFi hacks can have on protocols and investors alike. But even as the threat of hacks looms large, there are positive developments underway to bolster DeFi's security defenses.

這一事件清楚地提醒我們，DeFi 駭客可能對協議和投資者產生深遠的影響。但儘管駭客威脅日益凸顯，但加強 DeFi 安全防禦的積極進展仍在繼續。

CertiK, for instance, has recently taken a major step to enhance its capabilities in securing and managing blockchain deployments. By migrating their suite of blockchain applications to Alibaba Cloud, CertiK is strengthening its ability to safeguard DeFi protocols from malicious actors.

例如，CertiK 最近採取了重大舉措來增強其保護和管理區塊鏈部署的能力。透過將區塊鏈應用程式套件遷移到阿里雲，CertiK 正在增強其保護 DeFi 協定免受惡意行為者侵害的能力。

Highlighting the critical importance of proactive security measures, Nicholas Percoco, Chief Security Officer at Kraken, recently shared an experience where a security researcher—later identified as CertiK—was initially accused of extortion after discovering vulnerabilities in Kraken's systems.

Kraken 首席安全官 Nicholas Percoco 最近分享了一次經歷，強調了主動安全措施的至關重要性，一名安全研究人員（後來被稱為 CertiK）在發現 Kraken 系統中的漏洞後最初被指控勒索。

As DeFi continues to evolve, it brings forth new challenges and complexities in the realm of security. But with each lesson learned, from PancakeBunny's rise and fall to the latest developments in blockchain security, we move closer to forging resilient decentralized financial ecosystems.

隨著 DeFi 的不斷發展，它為安全領域帶來了新的挑戰和複雜性。但隨著每一次的教訓，從 PancakeBunny 的興衰到區塊鏈安全的最新發展，我們離打造有彈性的去中心化金融生態系統又更近了一步。

In other DeFi news, a user has reportedly lost a staggering $240,000 worth of NFTs in a hack on the Blur marketplace.

在其他 DeFi 新聞中，據報道，一名用戶在 Blur 市場遭受駭客攻擊時損失了價值 24 萬美元的 NFT。