Web3 遊戲區塊鏈 Ronin Network 遭到攻擊者攻擊，盜取了總計 1200 萬美元的以太幣 ($ETH) 和美元硬幣 ($USDC) 代幣

Ronin 宣布利用 Ronin 透露，週二從 Ronin 橋上提取了 4,000 美元 ETH 和 200 萬美元 USDC 代幣。

Web3 gaming blockchain Ronin Network was attacked by actors who pilfered a total of $12 million in Ether ($ETH) and USD Coin ($USDC) tokens due to an issue with the Ronin bridge, and while the stolen funds have been returned by the "white hats," some crypto users' questions remain unanswered.

Web3 遊戲區塊鏈 Ronin Network 受到攻擊者的攻擊，由於 Ronin 橋的問題，他們竊取了總計 1200 萬美元的以太幣 ($ETH) 和美元硬幣 ($USDC) 代幣，而被盜資金已由“白帽”，一些加密貨幣用戶的問題仍未得到解答。

Announcing the exploit on Tuesday, Ronin said 4,000 $ETH and two million $USDC tokens were withdrawn from the Ronin bridge. "Today's bridge upgrade, after being deployed through the governance process, introduced an issue leading the bridge to misinterpret the required bridge operators vote threshold to withdraw funds," the Ethereum Virtual Machine (EVM) compatible network said of the exploit.

Ronin 週二宣布了這一漏洞，並表示從 Ronin 橋中提取了 4,000 美元 ETH 和 200 萬美元 USDC 代幣。以太坊虛擬機（EVM）相容網路在談到該漏洞時表示：「今天的網橋升級在透過治理流程進行部署後，引入了一個問題，導致網橋誤解了提取資金所需的網橋營運商投票閾值。

"Earlier today, we were notified by white-hats about a potential exploit on the Ronin bridge," the network said, adding that after verifying the reports, the bridge was paused approximately 40 minutes after the first on-chain action was spotted.

該網絡表示：「今天早些時候，我們接到白帽駭客的通知，稱Ronin 橋上存在潛在的漏洞。」並補充說，在核實報告後，在發現第一個鏈上操作後，該橋暫停了大約40 分鐘。

"The actors withdrew ~4K ETH and 2M USDC, valued at ~$12M, which were quickly spotted by our team and white-hats and moved into a safe place. We are currently negotiating with the actors, who appear to be acting as white-hats and have responded in good faith," it said, adding that all user funds are safe and should there be any shortfalls, the funds will be re-deposited into the bridge once it is back in operation.

「演員們提取了約4K ETH 和200 萬USDC，價值約1200 萬美元，很快就被我們的團隊和白帽子發現並轉移到了安全的地方。我們目前正在與演員進行談判，他們似乎扮演著白人的角色-帽子並做出了真誠的回應。

A few hours after the exploit announcement, Ronin said the entire $12 million in pilfered funds had been returned by the actors. "We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty," it said.

在公佈漏洞利用消息幾小時後，Ronin 表示，駭客已歸還全部 1,200 萬美元被盜資金。 「我們感謝白帽子的警惕和正直。Bug 賞金計劃將獎勵白帽子 50 萬的賞金，」它說。

"Update: The ETH (~$10 M) has been returned and we expect that the USDC will be returned later today. We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty. The bridge will undergo an audit before it is…"On further steps to prevent another exploit, Ronin said the bridge will undergo an audit before reopening and the bridge will be shifted away from the network's current structure.

「更新：ETH（約 1000 萬美元）已被返還，我們預計 USDC 將在今天晚些時候返還。我們感謝白帽子的警惕性和正直。Bug 賞金計劃將獎勵白帽子 50 萬美元這座橋將在重新開放之前接受審核…「為了防止再次被利用，羅寧表示，這座橋將在重新開放之前接受審核，而這座橋將遠離網路當前的結構。

Crypto users raise issue about white hatsDespite the security incident's resolution and the return of all withdrawn funds, some cryptocurrency users questioned the supposed white hat process. "How are they whitehats if you have to negotiate?" one user asked, adding that white hat hackers should only have informed Ronin about the breach "without stealing" tokens.

加密貨幣用戶提出有關白帽的問題儘管安全事件得到解決並且所有撤回的資金都已歸還，但一些加密貨幣用戶對所謂的白帽流程提出了質疑。 “如果你必須談判的話，他們怎麼會是白帽呢？”一位用戶問道，並補充說白帽駭客應該只向 Ronin 通報這次洩漏事件，「而不是竊取」代幣。

"How are they whitehats if you have to negotiate? Whitehats would have informed you about the exploit without stealing it in the first place. Honestly."As other users joined in on the debate, the user went on to reiterate his stance that the group that returned the funds were "greyhats at best" since white hats wouldn't be in the "negotiation" table unless they were hired to do so. "There has been massive reputational damage caused by acting this way and any 'negotiation' is holding the project hostage," he insisted.

「如果你必須進行談判，他們怎麼會是白帽？白帽會在一開始就通知你這個漏洞，而不會竊取它。老實說。」隨著其他用戶加入辯論，該用戶繼續重申他的立場，即該組織返還資金的人充其量是“灰帽子”，因為白帽子不會出現在“談判”桌上，除非他們被雇用這樣做。他堅稱：“這種行為造成了巨大的聲譽損害，任何‘談判’都會使該項目成為人質。”

Another user argued that it took the white hats "too long" to return the funds if they truly were white hat hackers, as Ronin said.

正如羅寧所說，另一名用戶認為，如果白帽確實是白帽駭客，那麼他們花了「太長時間」才歸還資金。

"White hack? Are you sure guys? He took too long to return the funds. Anyway the criticality in your Smart Contract was detected by @TheArkhivist Team one hour before it happened.https://t.co/t3myBRrWhs"Several other users floated the theory of a "self hack," something the crypto industry has seen in some exploits over the years.

「白黑客？你們確定嗎？他花了太長時間才歸還資金。無論如何，@TheArkhivist 團隊在事件發生前一小時就檢測到了您的智能合約中的嚴重性。https://t.co/ t3myBRrWhs」其他幾位用戶提出了「自我駭客」的理論，加密產業多年來在一些漏洞利用中已經看到了這一點。

"SelfHack

「自我駭客

Insiders getting a free milli.

內部人士免費獲得一毫。

Damn..web3

該死的..web3

Smells somtthing fishy"Aside from the notion that it could have been an "insider" job, many users pointed out that it wasn't the first time the Ronin network was hacked. One user asked how many more times the blockchain should be exploited before the team learns. The Ronin bridge was hacked in March 2022, as per auditing firm QuillAudits. At the time, the blockchain lost a whopping $600 million.

聞起來有股腥味」除了認為這可能是「內部」工作之外，許多用戶還指出，這並不是 Ronin 網路第一次被駭客攻擊。一位用戶詢問區塊鏈還應該被利用多少次？該團隊獲悉，根據審計公司QuillAudits 的說法，Ronin 橋於2022 年3 月遭到駭客攻擊，當時區塊鏈損失了6 億美元。

"Urgent Security Alert: Ronin Bridge Exploit 🚨 Frens, @Ronin_Network has been hit by another serious breach, marking the third major exploit in its history.

「緊急安全警報：Ronin Bridge 漏洞 🚨 Frens，@Ronin_Network 遭遇另一次嚴重漏洞，這是其歷史上的第三次重大漏洞。

At 09:37:23 AM UTC, the Axie Infinity: Ronin Bridge V2 transferred 3,996 ETH to the MEV Bot, which then transferred 4.00… pic.twitter.com/RvrV2dG081"

世界標準時間上午 09:37:23，Axie Infinity: Ronin Bridge V2 向 MEV 機器人傳輸了 3,996 ETH，然後 MEV 機器人又傳輸了 4.00… pic.twitter.com/RvrV2dG081"