臭名昭著的 PancakeBunny 剝削者再次出現,透過 Tornado Cash 轉移大量資金,事態發展令人驚訝。
The PancakeBunny exploiter, who has been largely inactive for the past years, has now moved 1,029 ETH (roughly $2.9 million) via Tornado Cash, a cryptocurrency blending platform. The transaction, which occurred on Sunday evening, saw the funds being moved from the wallet address 0xd0f225...756b, as highlighted by the security firm CertiK Alerts.
PancakeBunny 漏洞利用者在過去幾年基本上不活躍,現在透過加密貨幣混合平台 Tornado Cash 轉移了 1,029 ETH(約 290 萬美元)。正如安全公司 CertiK Alerts 所強調的那樣,這筆交易發生在周日晚上,資金從錢包地址 0xd0f225...756b 轉移。
This particular transaction is being closely monitored due to the exploiter's past involvement in a large-scale exploit on PancakeBunny in May 2021. The incident, which involved a flash loan attack, resulted in user losses of around $45 million. The perpetrator manipulated the price of BUNNY tokens using a substantial amount of assets from PancakeSwap, before selling the tokens at a price of nearly zero, ultimately leading to massive losses.
由於攻擊者曾於 2021 年 5 月參與針對 PancakeBunny 的大規模攻擊,因此該特定交易正在受到密切監控。犯罪者利用 PancakeSwap 的大量資產操縱 BUNNY 代幣的價格,然後以接近零的價格出售代幣,最終導致巨額損失。
While a significant portion of the stolen funds have been moved, the exploiter still holds about $11.4 million in DAI at the wallet address 0x820C. These activities highlight the ongoing challenges faced by security professionals and regulators in locating and recovering lost cryptocurrency.
雖然大部分被盜資金已被轉移,但攻擊者仍在錢包地址 0x820C 處持有約 1140 萬美元的 DAI。這些活動凸顯了安全專業人員和監管機構在定位和恢復遺失的加密貨幣方面所面臨的持續挑戰。
In this case, Tornado Cash plays a dual role. While it offers privacy protection for legitimate users, it is also a preferred platform for cybercriminals to conceal stolen funds. The PancakeBunny exploit serves as a stark reminder of the complexities involved in striking a delicate balance between privacy and security in the crypto space.
在這種情況下,龍捲風現金扮演著雙重角色。雖然它為合法用戶提供隱私保護,但它也是網路犯罪分子隱藏被盜資金的首選平台。 PancakeBunny 漏洞清楚地提醒我們,在加密貨幣領域的隱私和安全之間取得微妙的平衡是非常複雜的。
