Binance Launchpool 黑客攻击暴露了持续存在的加密漏洞

最近，币安发行池发生安全漏洞，导致假冒 ENA 代币被利用，导致价值约 29 万美元的 480 个 BNB 代币被盗。

Binance Launchpool Security Breach Exposes Ongoing Crypto Vulnerabilities

币安 Launchpool 安全漏洞暴露了持续存在的加密漏洞

In a brazen and costly security breach, Binance's Launchpool platform became the stage for a malicious imposter token masquerading as Ethena Labs' legitimate ENA token. This deceitful scheme resulted in the unlawful extraction of 480 BNB tokens, valued at approximately $290,000.

在一次公然且代价高昂的安全漏洞中，币安的 Launchpool 平台成为恶意冒名顶替者代币伪装成 Ethena Labs 合法 ENA 代币的舞台。这一欺骗性计划导致 480 个 BNB 代币被非法提取，价值约 29 万美元。

The exact vulnerability exploited in this incident remains shrouded in mystery. However, security experts have identified a series of factors that may have contributed to the breach.

此事件中所利用的具体漏洞仍然笼罩在神秘之中。然而，安全专家已经确定了一系列可能导致此次泄露的因素。

Initial reports of the incident emerged from PeckShield, an on-chain security firm, at 8:31 am UTC on March 29. In a confusing twist, PeckShield initially misidentified the counterfeit token as the genuine ENA token in a post on X.

3 月 29 日上午 8:31，链上安全公司 PeckShield 发布了该事件的初步报告。令人困惑的是，PeckShield 最初在 X 上的一篇帖子中将假冒代币误认为是真正的 ENA 代币。

This deceptive operation unfolded mere hours after Ethena Labs officially announced its ENA token on Binance's Launchpool on the same day. The timing and similarity in nomenclature created a fertile ground for confusion among investors and stakeholders.

这一欺骗性操作是在 Ethena Labs 同日在币安 Launchpool 上正式宣布其 ENA 代币几个小时后发生的。命名的时机和相似性为投资者和利益相关者之间的混乱创造了肥沃的土壤。

This incident casts a shadow over the otherwise successful launch of Ethena Labs' USDe synthetic dollar on February 19. By March 8, Ethena had garnered accolades as the top-earning decentralized application (DApp) in the cryptocurrency sector, promising investors an annual percentage yield (APY) of 67%.

这一事件给 Ethena Labs 于 2 月 19 日成功推出 USDe 合成美元蒙上了阴影。截至 3 月 8 日，Ethena 已获得加密货币领域收入最高的去中心化应用程序 (DApp) 的赞誉，向投资者承诺了年百分比收益率(APY) 为 67%。

While the exploit involving the counterfeit ENA token may pale in comparison to other cryptocurrency heists, it occurred in close proximity to the Prisma Finance hack on March 28, which resulted in losses exceeding $11 million.

虽然涉及假冒 ENA 代币的漏洞与其他加密货币盗窃案相比可能相形见绌，但它发生的时间与 3 月 28 日 Prisma Finance 黑客攻击事件非常接近，导致损失超过 1100 万美元。

These events underscore the ongoing challenges and security vulnerabilities that plague the crypto industry, undermining investor confidence.

这些事件凸显了困扰加密货币行业的持续挑战和安全漏洞，削弱了投资者的信心。

Blockchain security firm Immunefi reports that throughout 2024, over $200 million in cryptocurrency assets have been compromised across 32 separate incidents up to February 29. This represents a 15.4% increase from the losses recorded in January and February 2023, which totaled $173 million.

区块链安全公司 Immunefi 报告称，截至 2 月 29 日，2024 年全年，超过 2 亿美元的加密货币资产在 32 起不同事件中遭到泄露。这比 2023 年 1 月和 2 月记录的损失总额增加了 15.4%，损失总额为 1.73 亿美元。

The cryptocurrency sector endured significant losses due to hacking activities in 2023, with a total of $1.8 billion stolen. The North Korean Lazarus Group was responsible for approximately 17% of these losses.

2023 年，加密货币行业因黑客活动遭受重大损失，总计 18 亿美元被盗。朝鲜 Lazarus 集团约占这些损失的 17%。

However, a report from Chainalysis, titled the "2024 Crypto Crime Report," highlights a decline in overall crypto theft in 2023. While 2022 witnessed the peak of such activity, with over $3.7 billion in stolen funds, 2023 saw a significant drop to $1.7 billion. Chainalysis attributes this decline primarily to a reduction in decentralized finance (DeFi) hacking incidents, with the total value stolen from DeFi platforms dropping by 63.7%.

然而，Chainaanalysis 的一份题为“2024 年加密货币犯罪报告”的报告强调，2023 年加密货币盗窃总量有所下降。虽然 2022 年见证了此类活动的顶峰，被盗资金超过 37 亿美元，但 2023 年大幅下降至 1.7 美元十亿。 Chainaanalysis 将这一下降主要归因于去中心化金融 (DeFi) 黑客事件的减少，从 DeFi 平台被盗的总价值下降了 63.7%。

As the cryptocurrency industry continues to evolve and expand, it is imperative that exchanges, developers, and investors prioritize security measures. The recent Binance Launchpool breach serves as a stark reminder of the need for continuous vigilance and robust cybersecurity protocols to protect the integrity of the crypto ecosystem.

随着加密货币行业的不断发展和扩张，交易所、开发商和投资者必须优先考虑安全措施。最近的币安 Launchpool 泄露事件清楚地提醒我们需要持续保持警惕并采用强大的网络安全协议来保护加密生态系统的完整性。