新的詐騙令牌繞過流行交易資料網站的過濾器

加密安全研究人員對一種新型模因幣發出警報，這種模因幣能夠繞過監控詐騙的流行交易資料網站上的詐騙過濾器。

A new scam crypto memecoin has been discovered that is able to bypass scam filters on popular trading data sites.

人們發現了一種新的騙局加密迷因幣，它能夠繞過流行交易資料網站上的騙局過濾器。

The token, which trades under the ticker REPUBLICAN, has a piece of code that lets its programmer withdraw tokens straight out of any crypto wallet holding them.

該代幣的交易代碼為 REPUBLICAN，有一段代碼可以讓程式設計師直接從任何持有代幣的加密錢包中提取代幣。

When traders swap Ether for REPUBLICAN on decentralised exchanges, the tokens they just bought are transferred away.

當交易者在去中心化交易所將以太幣換成 REPUBLICAN 時，他們剛剛購買的代幣就會被轉移出去。

The code also gives its creator a nearly infinite balance of the token.

該代碼還為其創建者提供了近乎無限的代幣餘額。

The malicious memecoin was first spotted by an X user called yourfriend_btc on Wednesday before being shared by other accounts.

週三，一位名為 yourfriend_btc 的 X 用戶首先發現了惡意 memecoin，然後被其他帳戶共享。

It’s not clear how much the scammer has profited. According to Dex Screener, a popular trading data site, traders have bought and sold over $408,000 worth of the memecoin.

目前尚不清楚騙子獲利了多少。根據熱門交易數據網站 Dex Screener 的數據，交易者已經買賣了價值超過 408,000 美元的 memecoin。

However, because the fraud is easy to replicate and difficult to spot, it may only be a matter of time before similar scam tokens claim more victims.

然而，由於詐欺行為很容易複製且難以發現，因此類似的詐騙代幣吸引更多受害者可能只是時間問題。

Backdoors are obscured

後門被遮擋

Usually, newly launched memecoins that contain malicious code aren’t an issue for experienced crypto traders.

通常，對於經驗豐富的加密貨幣交易者來說，新推出的包含惡意程式碼的迷因幣並不是問題。

Security tools can automatically scan the code of new tokens to check for traps.

安全工具可以自動掃描新令牌的代碼以檢查是否有陷阱。

But three such tools on Dex Screener showed no issues with the REPUBLICAN token. However, Dex Screener cautions that such audits may not be 100% accurate.

但 Dex Screener 上的三個此類工具顯示 REPUBLICAN 代幣沒有任何問題。然而，Dex Screener 警告稱，此類審核可能並非 100% 準確。

“The industry has recently gotten better at quickly detecting these types of exploits using real-time monitoring solutions,” Lewellen told DL News. “Knowing this, scammers are now resorting to obscuring backdoors.”

Lewellen 告訴 DL News：“業界最近在使用即時監控解決方案快速檢測此類漏洞方面做得越來越好。” “知道這一點後，詐騙者現在開始訴諸隱藏後門。”

To avoid detection, the person who programmed the REPUBLICAN token wrote extra snippets of malicious code in assembly language — a programming language that is used to communicate more closely with underlying machine code.

為了避免檢測，編寫 REPUBLICAN 代幣的人用彙編語言（一種用於與底層機器程式碼更密切地通訊的程式語言）編寫了額外的惡意程式碼片段。

According to Lewellen, assembly language code is harder to interpret, making it more difficult to detect if it contains malicious properties.

根據 Lewellen 的說法，彙編語言程式碼更難解釋，因此更難檢測它是否包含惡意屬性。

In the past, malicious tokens have cost traders dearly.

過去，惡意代幣讓交易者付出了高昂的代價。

In 2021, a scam token named after the Netflix show “Squid Game” stole $2.5 million from traders. The token contained code that prevented buyers from selling it so it could only increase in value.

2021 年，以 Netflix 節目《Squid Game》命名的詐騙代幣從交易者那裡竊取了 250 萬美元。該代幣包含阻止買家出售它的代碼，因此它只會增值。

Today, so-called honeypot tokens are less of an issue because security tools on sites like Dex Screener make them easy to spot.

如今，所謂的蜜罐令牌不再是一個問題，因為 Dex Screener 等網站上的安全工具使它們很容易被發現。

According to Lewellen, monitoring solutions should be in place before too long to identify the assembly language obfuscation technique.

Lewellen 認為，監控解決方案應該很快就會到位，以識別彙編語言混淆技術。

But he warned that scammers will get to work finding other, more creative ways to hide their intent.

但他警告說，詐騙者將開始尋找其他更有創意的方法來隱藏他們的意圖。

Reach out with tips at tim@dlnews.com to Tim Craig, DL News’ Edinburgh-based DeFi Correspondent.

請透過 tim@dlnews.com 聯絡 DL News 駐愛丁堡 DeFi 通訊員 Tim Craig，獲取建議。