Penpie DeFi 協定被利用，遭受駭客攻擊損失 2,700 萬美元

基於 Pendle 收益平台構建的去中心化金融（DeFi）協議 Penpie 於週三被利用，導致約 2700 萬美元的加密資產損失

A DeFi protocol built on the Pendle yield platform, Penpie, was exploited on Wednesday, leading to a loss of about $27 million in crypto assets, blockchain data showed.

區塊鏈數據顯示，週三，基於 Pendle 收益平台 Penpie 構建的 DeFi 協議遭到利用，導致加密資產損失約 2,700 萬美元。

The attacker stole various tokens, including staked Ethereum (ETH), Ethena’s sUSDE, and wrapped USDC. The funds were later converted to ETH using the Li.Fi protocol and moved to a new address.

攻擊者竊取了各種代幣，包括質押的以太坊（ETH）、Ethena 的 sUSDE 以及包裝後的 USDC。這些資金隨後使用 Li.Fi 協議轉換為 ETH，並轉移到新地址。

Blockchain security firm Cyvers reported the incident, detecting suspicious activity involving Penpie’s contract. Based on the report, the address funded by a crypto mixing service has executed a malicious transaction and got around $27 million worth of digital assets.

區塊鏈安全公司 Cyvers 報告了這起事件，檢測到涉及 Penpie 合約的可疑活動。根據該報告，由加密貨幣混合服務資助的地址執行了惡意交易，並獲得了價值約 2700 萬美元的數位資產。

According to Etherscan data, the exploiter’s address initially received 10 ETH, valued at approximately $25,000, via Tornado Cash just hours before the exploit. This transaction helped conceal the attacker's identity.

根據 Etherscan 數據，在利用前幾個小時，利用者的地址最初透過 Tornado Cash 收到了 10 ETH，價值約 25,000 美元。此交易有助於隱藏攻擊者的身分。

In a statement, Pendle confirmed a breach in Penpie’s system but reassured its users that their funds on Pendle remained safe. However, the company stated that it had paused all contracts as a safety measure and was working closely with the Penpie team to assess the damage.

Pendle 在聲明中證實了 Penpie 系統存在漏洞，但向用戶保證他們在 Pendle 上的資金仍然安全。不過，該公司表示，作為安全措施，它已暫停所有合同，並正在與 Penpie 團隊密切合作來評估損失。

“Pendle has confirmed that its funds are secure after an investigation. However, a security issue has been found in Penpiexyz, a separate protocol built on Pendle. To address this, all contracts have been paused temporarily, and Pendle is working closely with the Penpie team to resolve the issue quickly!” Cyvers added shortly.

「經過調查，Pendle 確認其資金是安全的。然而，在 Penpiexyz（基於 Pendle 建置的獨立協定）中發現了安全性問題。為了解決這個問題，所有合約都已暫時暫停，Pendle 正在與 Penpie 團隊密切合作，以盡快解決問題！賽弗斯很快補充道。

The attack caused Penpie’s native token (PNP) to drop by 40%, BeInCrypto data showed. Pendle’s token (PENDLE) also experienced an 8% loss, exceeding the losses observed in the broader crypto market.

BeInCrypto 數據顯示，這次攻擊導致 Penpie 的原生代幣 (PNP) 下跌 40%。 Pendle 的代幣（PENDLE）也經歷了 8% 的損失，超過了更廣泛的加密貨幣市場中觀察到的損失。

The Penpie exploit is part of a broader trend of increasing crypto hacks in 2024. A recent report by Immunefi stated that hackers have stolen over $1.2 billion across 154 incidents this year, highlighting the widespread vulnerabilities within DeFi protocols and other crypto platforms.

Penpie 漏洞是2024 年加密貨幣駭客攻擊增加的更廣泛趨勢的一部分。的漏洞。

In August 2024 alone, crypto hacks resulted in over $313 million in losses, according to security firm PeckShield. The two largest incidents that month involved the theft of $238 million in Bitcoin and $55 million in DAI.

據安全公司 PeckShield 稱，僅在 2024 年 8 月，加密貨幣駭客攻擊就造成了超過 3.13 億美元的損失。當月最大的兩起事件涉及價值 2.38 億美元的比特幣和 5,500 萬美元的 DAI 被盜。

Phishing attacks have also seen a surge, with a report from Scam Sniffer showing a 215% increase in financial losses in August. While fewer attacks occurred compared to July, the amount of stolen funds increased significantly, with one phishing scheme netting $55 million.

網路釣魚攻擊也激增，Scam Sniffer 的一份報告顯示 8 月的經濟損失增加了 215%。雖然與 7 月相比發生的攻擊有所減少，但被盜資金的金額卻大幅增加，其中一項網路釣魚計劃淨賺了 5500 萬美元。