蟲洞駭客差點獲得空投，但團隊迅速堵住安全漏洞

2023 年，Wormhole 的空投計畫無意中將造成 2022 年 3.2 億美元違規事件的駭客納入其中，使他們有資格獲得 5 萬美元的代幣索賠。儘管出現了最初的錯誤，Wormhole 團隊還是立即將駭客的錢包從空投清單中刪除，從而減少了任何潛在的支付。

Wormhole Hacker Briefly Eligible for Airdrop, Promptly Removed

蟲洞駭客短暫符合空投資格，立即刪除

On April 4, 2023, pseudonymous researcher Pland on X (formerly known as Twitter) exposed a brief lapse in Wormhole's security measures, revealing that wallets connected to the infamous $320 million hack in 2022 were inadvertently added to the list of eligible users for its W token airdrop.

2023 年4 月4 日，X（前身為Twitter）上的化名研究員Pland 曝光了Wormhole 安全措施的短暫失誤，透露與2022 年臭名昭著的3.2 億美元黑客事件有關的錢包無意中被添​​加到其W 的合格用戶列表中。代幣空投。

The revelation stemmed from an analysis of Wormhole's airdrop eligibility process, which indicated that four wallets linked to the 2022 hack were initially marked as eligible for claiming the airdropped W tokens. Had the hackers exploited this oversight, they could have potentially claimed approximately $50,000 worth of the newly launched cryptocurrency.

這項爆料源自於 Wormhole 空投資格流程的分析，該流程顯示與 2022 年駭客攻擊有關的四個錢包最初被標記為有資格領取空投的 W 代幣。如果駭客利用這一疏忽，他們可能會損失價值約 5 萬美元的新推出的加密貨幣。

However, a subsequent check of the affected wallet addresses on the Wormhole website confirmed that the team had swiftly addressed the issue and removed them from the eligibility list. The Solana Block Explorer has also flagged the four wallets for their involvement in the 2022 breach, providing further evidence of their malicious intent.

然而，隨後對 Wormhole 網站上受影響的錢包地址進行的檢查證實，該團隊已迅速解決了該問題並將其從資格清單中刪除。 Solana Block Explorer 也標記了這四個錢包參與了 2022 年的洩漏事件，為他們的惡意意圖提供了進一步的證據。

The Wormhole hack remains a pivotal event in the history of cryptocurrency, with the stolen funds ranking among the largest breaches in the sector. The incident prompted a counter-exploit by decentralized finance platform Oasis.app and infrastructure firm Jump Crypto, which successfully recovered approximately $225 million in digital assets from the hacker.

蟲洞駭客事件仍然是加密貨幣歷史上的關鍵事件，而被盜資金被列為該行業最大的違規事件之一。這起事件引發了去中心化金融平台 Oasis.app 和基礎設施公司 Jump Crypto 的反利用，成功從駭客手中追回約 2.25 億美元的數位資產。

Wormhole's decision to distribute over 617 million W tokens to eligible users has raised concerns regarding potential security risks. Blockchain sleuth ZachXBT on X has issued warnings about the proliferation of scammers and hackers exploiting the airdrop to target unsuspecting users.

Wormhole 決定向符合資格的用戶分發超過 6.17 億個 W 代幣，引發了人們對潛在安全風險的擔憂。 X 上的區塊鏈偵探 ZachXBT 已就利用空投攻擊毫無戒心的用戶的詐騙者和駭客氾濫發出警告。

ZachXBT has identified numerous fake X handles sporting gold checkmarks, commonly associated with verified accounts. He emphasizes that these handles are often used by scammers to lure users into clicking phishing links, potentially exposing them to financial loss.

ZachXBT 已識別出許多帶有金色複選標記的假 X 手柄，這些手柄通常與經過驗證的帳戶相關。他強調，詐騙者經常使用這些句柄來引誘用戶點擊網路釣魚鏈接，這可能會使他們蒙受經濟損失。

Wormhole's prompt removal of the compromised wallets from the airdrop eligibility list has mitigated the potential impact of this security lapse. However, the broader concerns raised by the airdrop and the ongoing presence of malicious actors underscore the critical importance of vigilance and caution within the cryptocurrency community.

Wormhole 迅速地將受感染的錢包從空投資格清單中刪除，減輕了這項安全漏洞的潛在影響。然而，空投引發的更廣泛擔憂以及惡意行為者的持續存在凸顯了加密貨幣社群內保持警惕和謹慎的至關重要性。