尽管行业努力阻止它们，但Bybit Hackers已设法兑现了大约3亿美元被盗$ 1.4B的数字资产

报道表明，Bybit Hack背后的网络犯罪分子已兑现了他们偷走的14亿美元数字资产中约3亿美元。

The hackers behind the Bybit hack have managed to cash out approximately $300 million of the $1.4 billion in digital assets they stole, despite industry efforts to prevent them. The hack, which is thought to be the biggest in crypto history, has sparked debate about how Web3 firms can prevent similar attacks in the future.

尽管行业努力阻止它们，但Bybit Hack背后的黑客攻击了他们偷走的14亿美元数字资产中约有3亿美元。被认为是加密历史上最大的黑客，引发了有关Web3公司如何防止类似攻击的辩论。

According to crypto investigator Tom Robinson, co-founder of Elliptic, the hackers, who are largely focused on evading security experts who are trying to block the stolen funds, have managed to siphon off 20% of the funds, which has now “gone dark.”

Crypto调查员埃尔利普蒂奇（Elliptic）的联合创始人汤姆·罗宾逊（Tom Robinson）表示，黑客主要专注于逃避试图阻止被盗资金的安全专家，他设法借鉴了20％的资金，这些资金现在已经“黑暗了”。

Reporting that his team can now see the hackers’ activity, which suggests they are working nearly 24 hours a day, Robinson added that “every minute matters for the hackers, who are trying to confuse the money trail, and they are extremely sophisticated in what they’re doing.”

罗宾逊报道说，他的团队现在可以看到黑客的活动，这表明他们每天工作了将近24小时，他补充说：“每一分钟对于黑客来说都是很重要的，他们试图混淆货币踪迹，而且他们的工作非常精致。”

As previously reported by Bitcoin.com News, the North Korea-backed Lazarus Group, which is thought to be behind the Bybit hack, successfully used an industry bug to swap some of the stolen ether (ETH) for more than 6,000 bitcoin (BTC).

正如Bitcoin.com News先前报道的那样，朝鲜支持的拉撒路集团（Lazarus Group）被认为是Bybit Hack的背后，成功地使用了一个行业错误将一些被盗的Ether（ETH）换成超过6,000个比特币（BTC）。

The conversion to BTC, which is an autonomous cryptocurrency that renders it nearly impossible for Bybit to recover, is part of a wider effort by the hackers to liquidate the stolen cryptocurrency holdings.

向BTC的转换是一种自主加密货币，它几乎无法恢复，这是黑客更广泛努力的一部分，即清算被盗的加密货币控股。

However, North Korea’s alleged prowess in hacking and laundering, combined with the fact that the task was made more challenging by the carelessness of crypto firms, has made it difficult for security experts, who have identified $40 million of the stolen funds, to make significant progress.

但是，朝鲜据称在黑客和洗钱方面的实力，加上这一事实，即由于加密货币公司的粗心大意，这项任务变得更具挑战性，这使得对已有4000万美元偷来的资金的安全专家很难取得重大进展。

What Web3 Firms Can Do to Prevent Hacks

Web3公司可以采取哪些措施来防止黑客攻击

The scale of the Bybit hack, as well as the apparent ability of the hackers to evade and outpace industry efforts to stymie them, has sparked debate about what steps Web3 firms should take to prevent similar attacks in the future.

Bybit Hack的规模以及黑客逃避和超越行业努力阻碍他们的明显能力，引发了有关Web3公司将来应采取哪些步骤的辩论，以防止将来采取类似的攻击。

Some, like Konstantin Stanislavsky, founder of crypto recovery firm TRM, believe the transparency and industry cooperation seen after the hack are the best ways to counter hackers.

加密货币公司TRM的创始人Konstantin Stanislavsky这样的一些人认为，在黑客攻击之后看到的透明度和行业合作是反黑客的最佳方法。

“The crypto industry has come together in an unprecedented way to track the stolen funds and support the victims of this devastating hack,” said Stanislavsky.

斯坦尼斯拉夫斯基说：“加密货币产业以前所未有的方式汇聚在一起，以追踪被盗资金并支持这种毁灭性骇客的受害者。”

However, critics assert that the fact the hackers, who are known to keep stolen funds for years before liquidating them, have already managed to cash out a third of the stolen funds in a short period of time undermines this argument.

但是，批评者断言，众所周知，黑客在清算之前曾保留被盗资金的事实，已经设法在短时间内兑现了三分之一的被盗资金，这破坏了这一论点。

Instead, others, like Nanak Nihal Khalsa, co-founder of Web3 identity firm Holonym, believe a technology like zero-knowledge proofs (ZKPs) could have prevented an attack that was attributed to blind signing vulnerabilities on Ledger hardware wallet devices.

取而代之的是，Web3 Identity公司Holyony的联合创始人Nanak Nihal Khalsa这样的其他人认为，像零知识证明（ZKP）这样的技术可能会阻止攻击造成的攻击，该攻击归因于在Ledger硬件钱包设备上盲目签名漏洞。

Although it’s said to be the bedrock of many privacy-preserving protocols, Khalsa and others believe blind signing may be on borrowed time, and steps must be taken to get further ahead of criminals.

尽管据说这是许多保存隐私协议的基石，但Khalsa和其他人认为盲人签署可能是在借来的时间上，并且必须采取措施才能超越罪犯。

Pointing out how Holonym could have prevented the attack, Khalsa added that their Human Wallet has a feature that prevents blind signing by showing a human-readable transaction on a hardware wallet instead of the usual undecipherable data.

Khalsa在指出圣个名义是如何阻止攻击的，他补充说，他们的人体钱包具有通过在硬件钱包上显示人类可读的交易来防止盲目签名的功能，而不是通常的不明确数据。

“This allows the user to make an informed decision about whether or not to approve the transaction. In the case of the Ledger hardware wallet, the hackers were able to blind sign a large transaction that went undetected. However, with Holonym’s Human Wallet, the user would have seen the transaction in plain English and would have been able to cancel it if they had chosen.”

“这使用户可以就是否批准交易做出明智的决定。在分类帐硬件钱包的情况下，黑客能够盲目签署一项未被发现的大型交易。但是，借助Holyon的人体钱包，用户本来可以看到简单的英语交易，如果选择的话，他们将能够取消该交易。”

Further stating that current solutions overpromise safety but underdeliver, Khalsa said ZKP solutions like Holonym’s can serve as the much-needed “shield” that keeps signers informed without jeopardizing speed or security.

Khalsa进一步指出，当前的解决方案过高的安全性，但不足，Khalsa表示，像Holymons这样的ZKP解决方案可以用作急需的“盾牌”，可以使签名人通知签名者而不会危及速度或安全性。

While there is no broad consensus on how the industry moves on from what has been described as the biggest hack ever, ZKP proponents like Khalsa believe this technology can play a part in rebuilding trust in the industry.

尽管该行业如何从被描述为有史以来最大的黑客攻击的情况下尚无共识，但像Khalsa这样的ZKP支持者认为，这项技术可以在重建该行业的信任中发挥作用。