|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
这不是什么秘密。区块链安全专家去年在屋顶上大声疾呼:针对私钥和智能合约所有权的基础设施攻击将在 2024 年对加密项目造成重大损害。
Despite warnings from blockchain security experts, some companies failed to secure their private keys, leading to major crypto hacks in 2024. Here are the five biggest:
尽管区块链安全专家发出警告,但一些公司未能保护其私钥,导致 2024 年发生重大加密货币黑客攻击。以下是其中最严重的 5 起:
1. DMM Bitcoin Lost $308 Million in May: Japanese crypto exchange DMM Bitcoin was hit hard, losing 4,502.9 Bitcoin (around $308 million) in May. While the details are still murky, security researchers believe North Korean hackers may have accessed the platform’s private keys. This is based on the similarities in laundering techniques used by the attackers, which are linked to the Lazarus Group, a notorious North Korean cybercrime syndicate. DMM Bitcoin failed to recover from the hack, closing earlier this month and transferring its assets to trading platform SVI VC Trade.
1. DMM Bitcoin 5 月份损失 3.08 亿美元:日本加密货币交易所 DMM Bitcoin 遭受重创,5 月份损失 4,502.9 比特币(约合 3.08 亿美元)。虽然细节仍不清楚,但安全研究人员认为朝鲜黑客可能已经访问了该平台的私钥。这是基于攻击者使用的洗钱技术的相似性,这些攻击者与臭名昭著的朝鲜网络犯罪集团拉撒路集团有联系。 DMM Bitcoin 未能从黑客攻击中恢复过来,于本月初关闭并将其资产转移到交易平台 SVI VC Trade。
2. PlayDapp Hacked for $290 Million, but Averted災難: South Korean blockchain gaming app PlayDapp managed to avoid catastrophe despite suffering a massive hack in February. A hacker managed to hijack control of PlayDapp’s smart contract for minting tokens, creating 200 million PLA tokens. At the time, the tokens were valued at $26 million. PlayDapp quickly intervened, contacting exchanges to freeze the tokens and preventing the attacker from cashing out. However, the attacker persisted, minting 1.6 billion PLA tokens (around $264 million) a few days later, but they were unable to sell them. PlayDapp has since migrated to a new token contract.
2. PlayDapp 被黑客攻击损失 2.9 亿美元,但避免了灾难:韩国区块链游戏应用程序 PlayDapp 尽管在 2 月份遭受了大规模黑客攻击,但仍设法避免了灾难。一名黑客成功劫持了 PlayDapp 铸造代币智能合约的控制权,创造了 2 亿个 PLA 代币。当时,这些代币的价值为 2600 万美元。 PlayDapp 迅速介入,联系交易所冻结代币并阻止攻击者兑现。然而,攻击者坚持不懈,几天后铸造了 16 亿枚 PLA 代币(约合 2.64 亿美元),但无法出售。 PlayDapp 此后已迁移到新的代币合约。
3. Hackers Stole $235 Million from WazirX in Multisig Wallet Breach: At first glance, India’s largest crypto exchange, WazirX, appeared to be a secure platform. It utilized a multisig wallet with four out of six signers, had address whitelisting configured to an offsite interface, and kept signing keys in a hardware wallet. Despite these measures, the platform lost nearly half of its assets in a single incident. In July, hackers breached one of the platform’s multisig wallets, stealing various cryptocurrencies, including Ether and the Shiba Inu memecoin, totaling $235 million. The attackers employed a complex attack vector, tricking WazirX wallet administrators into ceding access control to the bad actors, which they then used to bypass other security measures and syphon funds from the platform’s wallet. In November, police in India arrested a suspect allegedly connected to the hack.
3. 黑客在多重签名钱包泄露中从 WazirX 窃取了 2.35 亿美元:乍一看,印度最大的加密货币交易所 WazirX 似乎是一个安全平台。它使用了六分之四签名者的多重签名钱包,将地址白名单配置到场外接口,并将签名密钥保存在硬件钱包中。尽管采取了这些措施,该平台还是在一次事件中损失了近一半的资产。 7 月,黑客攻破了该平台的一个多重签名钱包,窃取了各种加密货币,包括以太币和柴犬 memecoin,总计 2.35 亿美元。攻击者采用了复杂的攻击媒介,欺骗 WazirX 钱包管理员将访问控制权交给不良行为者,然后他们利用这些攻击绕过其他安全措施并从平台钱包中窃取资金。 11 月,印度警方逮捕了一名涉嫌与黑客攻击有关的嫌疑人。
4. Radiant Capital Attacked Twice, Losing $62.5 Million: Cross-chain DeFi lending protocol Radiant Capital was hit by cybercriminals not once but twice in 2024, in January and October. In the first attack, an attacker manipulated the protocol’s smart contract to steal $4.5 million from Radiant Capital versions deployed on Arbitrum and BNB Chain. Later in October, the platform lost $58 million when hackers compromised the protocol developer’s private keys to steal funds. This second attack has been linked to North Korean cybercriminals. The attacker posed as a former team member and sent a malware-laced digital file to the project’s developer. The malware provided the hackers access to Radiant Capital’s computers, where the private keys were stored.
4. Radiant Capital 两次遭受攻击,损失 6250 万美元:跨链 DeFi 借贷协议 Radiant Capital 在 2024 年 1 月和 10 月两次遭受网络犯罪分子的攻击。在第一次攻击中,攻击者操纵该协议的智能合约,从部署在 Arbitrum 和 BNB Chain 上的 Radiant Capital 版本中窃取了 450 万美元。 10 月晚些时候,黑客泄露了协议开发者的私钥以窃取资金,该平台损失了 5800 万美元。这第二次攻击与朝鲜网络犯罪分子有关。攻击者冒充前团队成员,向项目开发人员发送了包含恶意软件的数字文件。该恶意软件使黑客能够访问存储私钥的 Radiant Capital 计算机。
5. Munchables Internal Hacker Stole $62.5 Million, Later Returned Keys: External actors are not the only threats to crypto projects; sometimes, the bad guys are within. That was the case in March for Muncha
5. Munchables 内部黑客窃取了 6250 万美元,后来归还了密钥:外部参与者并不是加密项目的唯一威胁;有时,坏人就在里面。蒙查三月份的情况就是如此
免责声明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- 2023 年 Solana 值得购买吗?
- 2024-12-24 07:05:02
- 自 2020 年春季推出以来,Solana(加密货币:SOL)加密货币一直在疯狂发展。
-
- 马斯克的 Meme 引起病毒式传播后,DOGE 代币上涨 50%
- 2024-12-24 07:05:02
- 政府效率部代币以埃隆·马斯克的名字命名,他最近成为同名政府机构的负责人。