Prisma Finance 遭駭客攻擊損失 1,160 萬美元；駭客要求道歉並提供團隊身分以退回資金

DeFi 平台 Prisma Finance 面臨 1,160 萬美元的漏洞利用後果，其中 54 萬美元仍面臨風險，因為「白帽」駭客要求公開道歉並要求團隊確認資金返還。 Prisma 的核心貢獻者概述了恢復工作，而駭客則堅持召開線上會議以追究責任。這事件凸顯了 DeFi 的安全挑戰以及徹底的智慧合約審計和快速反應機制的重要性。

DeFi Platform Prisma Finance Hit with $11.6 Million Exploit, Hacker Demands Public Apology and Team Identification for Fund Return

DeFi 平台 Prisma Finance 遭受 1160 萬美元攻擊，駭客要求公開道歉並確認團隊身份以退還資金

By The Crypto Times

作者：加密時代

[Location, Date] - Prisma Finance, a decentralized finance (DeFi) platform, has become the latest victim of a cyberattack, losing $11.6 million in a malicious exploit. The incident, which has left $540,000 in limbo, has taken a dramatic turn as the "white hat" hacker behind the attack demands a public apology and the identification of team members involved in the platform's security in exchange for the return of the stolen funds.

[地點、日期] - 去中心化金融 (DeFi) 平台 Prisma Finance 已成為網路攻擊的最新受害者，在惡意利用中損失了 1160 萬美元。這起事件導致 54 萬美元陷入困境，但事態發生了戲劇性的轉變，攻擊背後的「白帽」駭客要求公開道歉並查明參與平台安全的團隊成員的身份，以換取歸還被盜資金。

Frank, Prisma's core contributor, has outlined the platform's efforts to recover the stolen assets and prioritize user safety. The exploit originated from flaws in the MigrateTroveZap contracts, impacting 14 accounts. Five of these accounts remain "at risk" with over $500,000 in open positions.

Prisma 的核心貢獻者 Frank 概述了該平台為追回被盜資產並優先考慮用戶安全所做的努力。這個漏洞源自於 MigrateTroveZap 合約中的缺陷，影響了 14 個帳戶。其中五個帳戶仍處於「風險」狀態，未平倉部位超過 50 萬美元。

Prisma has responded to the attack by proposing a reduction in liquidity and staked revenue allocations to bolster its reserves. The team has emphasized that the exploited contract is isolated from the platform's core protocol, minimizing potential risks to users.

Prisma 針對此攻擊提出了減少流動性並押注收入分配以增強其儲備的建議。團隊強調，被利用的合約與平台的核心協議是隔離的，最大限度地減少了用戶的潛在風險。

Despite Prisma's recovery efforts, the hacker has insisted on an online conference as a condition for returning the stolen funds. The hacker demands an apology and accountability from the platform's team. This development has further escalated the dispute, with Prisma questioning the hacker's sincerity, citing fund diversions to Ethereum (ETH) via the anonymity-enhancing Tornado Cash protocol.

儘管 Prisma 做出了恢復努力，但駭客仍堅持召開線上會議作為歸還被盜資金的條件。駭客要求平台團隊道歉並承擔責任。這一事態發展進一步加劇了爭議，Prisma 質疑駭客的誠意，並表示資金透過增強匿名性的 Tornado Cash 協議轉移到了以太坊 (ETH)。

The incident has significantly impacted Prisma's liquidity, with its total value locked (TVL) plummeting from $220 million to $86.7 million, according to data from DefiLlama. The attack underscores the ongoing security challenges facing the DeFi sector, highlighting the need for thorough smart contract audits and swift response mechanisms.

DefiLlama 的數據顯示，該事件嚴重影響了 Prisma 的流動性，其鎖定總價值 (TVL) 從 2.2 億美元驟降至 8,670 萬美元。這次攻擊凸顯了 DeFi 領域持續面臨的安全挑戰，凸顯了徹底的智慧合約稽核和快速回應機制的必要性。

Prisma is committed to stabilizing its platform and restoring user trust amidst its ongoing recovery efforts. The platform's team is actively addressing the exploit and implementing measures to prevent similar incidents in the future. The incident serves as a reminder of the importance of vigilance and robust security practices in the DeFi industry.

Prisma 致力於在持續的復原工作中穩定其平台並恢復用戶信任。該平台的團隊正在積極解決該漏洞，並採取措施防止未來發生類似事件。該事件提醒人們在 DeFi 行業中保持警惕和穩健的安全實踐的重要性。