Radiant Capital has disclosed a post-mortem for the Oct. 16 attack that saw over $50 million in digital assets stolen from the BNB Chain and Arbitrum networks.
DeFi platform Radiant Capital has disclosed a post-mortem for the Oct. 16 attack that saw over $50 million in digital assets stolen from the BNB Chain and Arbitrum networks. According to Radiant, the attacker compromised the devices of three of its long-standing developers.
Hackers were able to compromise the devices through a “sophisticated malware injection” used to sign malicious transactions.
“The devices were compromised in such a way that the front-end of Safe{Wallet} (f.k.a. Gnosis Safe) displayed legitimate transaction data while malicious transactions were signed and executed in the background,” the Radiant team explained in a blog post.
Radiant Capital is a decentralized finance (DeFi) platform that allows users to earn interest and borrow assets across multiple blockchain networks. It operates like an “omnichain money market,” enabling cross-chain transactions on lending markets in different networks, such as Ethereum, BNB and Arbitrum.
The attack
According to the company, the breach occurred during a routine multisignature emissions adjustment, a process that takes place “periodically to adapt to market conditions and utilization rates.”
Multisignature (multisig) is the dominant means of securing Web3 protocols: a multisig wallet requires multiple signatures from separate key holders to authorize a transaction.
Once the transactions were approved in the front-end, the compromised devices intercepted these approvals and replaced them with a malicious transaction, which was then forwarded to the hardware wallets for signature. When the Safe{Wallet} front-end detected an issue, it displayed an error message, prompting the users to attempt the signature again.
Such signing failures can arise for a number of benign reasons, such as gas price fluctuations, a nonce mismatch, network congestion, or an insufficient gas limit, so a retry prompt is not unusual for a signer.
“As a result, this behavior did not raise immediate suspicion,” said the team. This process ultimately allowed the attackers to gather three valid signatures.
Losses across various attack types in 2024. Source: Hacken
As per Radiant, the signed transactions still appeared legitimate within the user interface, making the attack difficult to detect. The breach was also undetectable during the manual review of the Gnosis Safe UI and Tenderly simulation stages of the routine transaction.
“This has been confirmed by external security teams, including SEAL911 and Hypernative,” noted the post-mortem.
Along with draining assets worth $50 million, the hackers exploited open (unrevoked) token approvals to withdraw funds from users' accounts. Other Radiant core developers may also have had their devices compromised. The protocol has asked users to revoke approvals on all chains to mitigate further incidents.
According to a report by cybersecurity firm Hacken, access control exploits were responsible for $316 million in lost funds during the third quarter. This accounts for nearly 70% of all crypto funds stolen during the quarter.