美国加拿大协作业务块损失430万美元的以太坊钱包用户的批准网络钓鱼攻击

一项协作的美国加拿大业务封锁了430万美元对以太坊钱包用户的批准网络钓鱼攻击。美国特勤局和加拿大执法机构追踪并通知了受害者。

A joint U.S.-Canadian operation has reportedly blocked a $4.3 million approval phishing attack on Ethereum wallet users. The U.S. Secret Service and Canadian law enforcement agencies tracked down and notified the victims.

据报道，美国加拿大联合的行动已封锁了430万美元对以太坊钱包使用者的批准网络钓鱼攻击。美国特勤局和加拿大执法机构追踪并通知了受害者。

The authorities identified several blockchain addresses that were compromised or vulnerable to exploitation. Scammers use approval phishing to deceive users into authorizing token transfers, after which the fraudsters can access and drain the wallets.

当局确定了几个被妥协或容易受到剥削的区块链地址。骗子使用批准的网络钓鱼来欺骗用户授权代币转移，然后欺诈者可以访问和排空钱包。

These criminals often carry out these scams through social engineering methods, including the “pig butchering” romance scam. Once a victim approves a malicious transaction request, the attackers gain complete control of their assets.

这些罪犯经常通过社会工程学方法进行这些骗局，包括“猪屠杀”浪漫史骗局。一旦受害者批准了恶意交易请求，攻击者就会完全控制其资产。

Operation Avalanche focused on fraudulent transactions on the Ethereum network. Investigators worked with blockchain analysts to identify the wallets affected in the phishing scheme. The team then contacted the wallet holders to warn them about the threat and protect their assets.

Avalanche行动集中在以太坊网络上的欺诈交易上。研究人员与区块链分析师合作，以确定网络钓鱼方案中影响的钱包。然后，团队与钱包持有人联系，警告他们有关威胁并保护其资产的信息。

The operation involved multiple law enforcement agencies in Canada and the U.S. to halt the ongoing fraud. The B.C. Securities Commission and the U.S. Secret Service took the lead in this initiative. Additionally, provincial police forces and securities regulators contributed their expertise and resources to the operation.

该行动涉及加拿大和美国的多个执法机构，以阻止正在进行的欺诈行为。卑诗省证券委员会和美国特勤局领导了这项倡议。此外，省警察部队和证券监管机构还为行动提供了专业知识和资源。

Analysts from the Washington Field Office of the Secret Service provided technical and forensic support for the investigation. The Canadian agencies collaborated with the Secret Service to identify the stolen funds and mitigate future threats. This cooperation helped in tracking the transactions and analyzing the scammers’ methods.

特勤局华盛顿现场办公室的分析师为调查提供了技术和法医支持。加拿大机构与特勤局合作，以确定被盗的资金并减轻未来的威胁。这种合作有助于跟踪交易并分析骗子的方法。

Officials mentioned that the hacked wallets had approved token transfers to malicious addresses through their token approval process, allowing the fraudsters to maintain control even without the victims transferring funds directly.

官员们提到，被黑客的钱包已通过其令牌批准程序批准了对恶意地址的代币转让，即使没有受害者直接转移资金，欺诈者也能够保持控制。

These scammers exploited the granted permissions to operate undetected and circumvent standard security alerts.

这些诈骗者利用了授予的许可，以操作未发现和规避标准安全警报的权限。

Chainalysis data shows that approval phishing has led to approximately $2.7 billion in cryptocurrency losses between 2021 and 2024. However, the actual total loss could be even higher as many cases go unreported. These scams are sophisticated and can affect individual users and decentralized organizations (DAOs).

链分析数据表明，批准网络钓鱼导致2021年至2024年之间的加密货币损失约为27亿美元。但是，随着许多案件未报告，实际的总损失可能更高。这些骗局很复杂，可能会影响个人用户和分散组织（DAOS）。

The Ethereum network has seen significant losses due to approval phishing, with one notable instance being the $120 million attack on Badger DAO. The scammers often target wealthy NFT collectors and active crypto users.

以太坊网络由于批准的网络钓鱼而造成了巨大损失，其中一个值得注意的例子是对Badger Dao的1.2亿美元袭击。骗子通常以富有的NFT收集者和活跃的加密使用者为目标。

Attackers capitalize on user trust and limited understanding of wallet permissions. In one case, an influencer fell victim to a romance scam over two years ago, leading to the loss of $2.6 million in cryptocurrencies.

攻击者利用用户信任和对钱包权限的有限理解。在一个案例中，有影响力的人在两年前遭受了浪漫史的受害者，导致损失了260万美元的加密货币。

The operation highlights the importance of international cooperation in disrupting transnational crypto fraud and cybercrime. The investigators worked with a blockchain analysis firm and a cryptocurrency exchange to monitor the suspicious wallet transactions. This initiative led to the dismantling of several criminal networks.

该行动强调了国际合作在破坏跨国加密欺诈和网络犯罪方面的重要性。研究人员与区块链分析公司和加密货币交换合作，以监视可疑的钱包交易。这项倡议导致拆除了几个犯罪网络。