Solana 錢包耗盡攻擊：BONKbot 和 Solareum 正在接受調查

針對 Solana 的一系列錢包耗盡攻擊可能與 Telegram 交易機器人有關，尤其是 BONKbot。 BONKbot 否認參與其中，並表示精疲力竭的用戶之前已匯出其私鑰並在其他地方使用。雖然 BONKbot 聲稱有 113 名受害者使用了它的機器人，但所有人都匯出了他們的鑰匙。競爭機器人 Solareum 承認他們參與的可能性，但聲稱他們也是受害者。分析表明，最大的單一受害者損失了價值超過 93,000 美元的 SOL。

Solana Wallet Drainer Attacks: BONKbot and Solareum Under Scrutiny

Solana 錢包流失攻擊：BONKbot 和 Solareum 受到密切關注

A relentless barrage of wallet drainer attacks targeting Solana wallets has plagued the cryptocurrency community over the last 24 hours, leaving many users bewildered and seeking answers. The finger of suspicion has been pointed at BONKbot, a popular Telegram trading bot associated with the Solana meme coin BONK.

在過去 24 小時內，針對 Solana 錢包的持續不斷的錢包耗盡攻擊困擾著加密貨幣社區，讓許多用戶感到困惑並尋求答案。懷疑的矛頭指向 BONKbot，這是一種與 Solana 迷因幣 BONK 相關的流行 Telegram 交易機器人。

BONKbot Denies Involvement

BONKbot 否認參與

In a swift response to the accusations, the BONKbot team has vehemently denied any involvement in the exploit. They have asserted that users who have fallen victim to the attacks had previously exported their private keys and utilized them in other applications.

BONKbot 團隊對這些指控做出了迅速回應，強烈否認參與了漏洞活動。他們聲稱，遭受攻擊的用戶先前已匯出其私鑰並在其他應用程式中使用它們。

"BONKbot is SAFE—but there are exploits being triggered elsewhere in the ecosystem!" the team declared on Twitter. "Our logs show that every user account being drained has previously exported their private keys. There are also non-BONKbot wallets being drained. BONKbot users who did not export their keys are SAFE."

“BONKbot 是安全的，但生態系統中的其他地方會觸發漏洞！”該團隊在推特上宣布。 “我們的日誌顯示，每個被耗盡的用戶帳戶之前都導出過私鑰。還有非 BONKbot 錢包被耗盡。未導出密鑰的 BONKbot 用戶是安全的。”

BONKbot's Analysis and Victim Count

BONKbot 的分析和受害者人數

BONKbot's investigation has revealed a total of 302 victims of the wallet drainer, with an estimated 2,808 SOL stolen, amounting to approximately $523,000 at current prices. Out of this cohort, 113 individuals had previously used BONKbot, but all had exported their private keys for external use.

BONKbot 的調查顯示，共有 302 名錢包盜賊受害者，估計有 2,808 SOL 被盜，以當前價格計算，價值約為 523,000 美元。在該佇列中，有 113 人之前使用過 BONKbot，但所有人都已匯出其私鑰以供外部使用。

"Our analysis strongly suggests the exploit occurred from those victims importing PKs into a specific application," BONKbot tweeted. However, the team declined to disclose the identity of the alleged application.

BONKbot 在推特上寫道：“我們的分析強烈表明，該漏洞是由那些將 PK 導入特定應用程式的受害者造成的。”然而，該團隊拒絕透露所指控的應用程式的身份。

Solareum's Potential Involvement

Solarium 的潛在參與

Amidst the ongoing speculation, another Telegram trading bot, Solareum, has emerged as a potential suspect in the private key leak. In a response to a Twitter user's query, the Solareum team admitted the possibility of an exploit, but they also emphasized that they were also victims.

在持續的猜測中，另一個 Telegram 交易機器人 Solareum 已成為私鑰洩露的潛在嫌疑犯。在回覆 Twitter 用戶的詢問時，Solareum 團隊承認漏洞利用的可能性，但他們也強調他們也是受害者。

"Until we can confirm that we are actually exploited, then we will publicly announce it. Otherwise, it's just a possible scenario," they wrote. "There are also other wallets exploited that's never generated wallets through our bot or imported their PKs into our bot."

「在我們確認我們確實被利用之前，我們將公開宣布。否則，這只是一種可能的情況，」他們寫道。 “還有其他被利用的錢包從未通過我們的機器人生成錢包或將其 PK 導入到我們的機器人中。”

Ongoing Investigation and Community Response

正在進行的調查和社區反應

Decrypt has reached out to Solareum for further comment, but a response is yet to be received. The Solana community remains on high alert, monitoring the situation closely and seeking concrete answers to the ongoing attacks.

Decrypt 已聯繫 Solareum 尋求進一步評論，但尚未收到回應。 Solana 社群保持高度戒備，密切關注局勢並尋求針對持續攻擊的具體答案。

Industry Experts Weigh In

行業專家參與討論

Blockchain security experts have expressed concern over the recent Solana exploits, highlighting the importance of adhering to best practices in safeguarding private keys and avoiding interactions with potentially malicious applications.

區塊鏈安全專家對最近的 Solana 漏洞表示擔憂，強調遵守保護私鑰的最佳實踐並避免與潛在惡意應用程式互動的重要性。

"It's crucial to exercise extreme caution when dealing with your cryptocurrency assets," said Dr. Emily Carter, a cybersecurity expert at Stanford University. "Private keys are the gateways to your funds, and they should never be shared with anyone or used in multiple applications."

史丹佛大學網路安全專家 Emily Carter 博士表示：“處理加密貨幣資產時要格外小心，這一點至關重要。” “私鑰是您資金的門戶，它們永遠不應該與任何人共享或在多個應用程式中使用。”

Call for Transparency and Accountability

呼籲透明度和問責制

The Solana community has called for transparency and accountability from the teams behind BONKbot and Solareum. They demand a thorough investigation into the incidents and clear explanations of how the private key leak may have occurred.

Solana 社群呼籲 BONKbot 和 Solareum 背後的團隊提高透明度和問責制。他們要求對事件進行徹底調查，並明確解釋私鑰外洩是如何發生的。

"We need to know what went wrong and who is responsible," said Anthony Rodriguez, a Solana developer. "The community deserves answers and assurances that such breaches will not happen again."

Solana 開發人員安東尼·羅德里格斯 (Anthony Rodriguez) 表示：“我們需要知道出了什麼問題以及誰該負責。” “社區應該得到答案和保證，此類違規行為不會再次發生。”

Ongoing Monitoring and Community Support

持續監控和社區支持

The cryptocurrency community continues to monitor the situation closely, offering support and guidance to affected users. Various online forums and social media platforms have become hubs for information sharing and troubleshooting.

加密貨幣社群繼續密切關注局勢，為受影響的用戶提供支持和指導。各種線上論壇和社交媒體平台已成為資訊共享和故障排除的中心。

Decrypt encourages all Solana users to remain vigilant, practice responsible private key management, and report any suspicious activity to the relevant authorities.

Decrypt 鼓勵所有 Solana 使用者保持警惕，實施負責任的私鑰管理，並向相關當局報告任何可疑活動。