DeFi 闪电贷：双刃剑，流失数百万美元，引发安全担忧

DeFi 协议 Akropolis、Value DeFi Protocol 和 Origin Protocol 通过闪贷漏洞总共损失了 1640 万美元的 ETH 和 Dai。由于金库提现定价漏洞，Value DeFi 遭受了 740 万美元的损失，而 Origin Protocol 损失了 700 万美元，Akropolis 损失了 200 万美元。闪电贷允许用户在同一区块内无需抵押即可借入资金，这使得攻击者能够利用协议的弱点，引发了关于其风险和收益的争论。

DeFi Flash Loans: A Double-Edged Sword Draining Millions from Protocols

DeFi 闪电贷：一把双刃剑，从协议中流失数百万美元

In a relentless digital assault, hackers have siphoned a staggering $16.4 million in Ethereum (ETH) and Dai from three DeFi projects in just the past week, exploiting a sophisticated technique known as flash loans. These attacks have sent shockwaves through the DeFi community, raising questions about the security of these decentralized financial protocols.

在一场无情的数字攻击中，黑客利用一种名为闪电贷的复杂技术，在过去一周从三个 DeFi 项目中窃取了价值 1640 万美元的以太坊 (ETH) 和 Dai。这些攻击给 DeFi 社区带来了冲击，引发了人们对这些去中心化金融协议的安全性的质疑。

Value DeFi: A $7.4 Million Heist

价值 DeFi：740 万美元的抢劫

On Value DeFi, an attacker masterfully orchestrated a series of flash-loaned ETH swaps for DAI and USDT to infiltrate the protocol's multi-stablecoin vault. Leveraging the vault's withdrawal mechanism, they manipulated stablecoin prices to extract $7.4 million. However, the hacker later returned $2 million, leaving the protocol with a net loss of $5.4 million.

在 Value DeFi 上，攻击者巧妙地策划了一系列以闪贷方式交换 DAI 和 USDT 的 ETH，以渗透到该协议的多稳定币金库。他们利用金库的提现机制，操纵稳定币价格，套取 740 万美元。然而，黑客后来返还了 200 万美元，导致该协议净损失 540 万美元。

In response, Value DeFi has suspended its vaults, prudently ensuring the safety of depositors' funds. A meticulous post-mortem investigation is underway to determine the exact compensation amounts for affected users.

对此，Value DeFi 已暂停金库，审慎确保储户资金安全。正在进行细致的事后调查，以确定受影响用户的确切赔偿金额。

Origin Protocol: $7 Million Compromised

Origin 协议：损失 700 万美元

Origin Protocol fell victim to a similar flash loan attack, resulting in a $7 million loss. The hacker repeated the rinse-and-wash pattern on liquidity platforms like Uniswap, exploiting the protocol's vulnerabilities. Origin has disabled vault deposits and has issued a stern warning against purchasing its OUSD token, emphasizing that its current price does not reflect its underlying assets. The team is exploring options to compensate users if the lost funds cannot be recovered.

Origin Protocol 成为类似闪贷攻击的受害者，导致 700 万美元损失。黑客利用协议的漏洞，在 Uniswap 等流动性平台上重复了“冲洗和清洗”模式。 Origin 已禁止金库存款，并对购买其 OUSD 代币发出严厉警告，强调其当前价格并未反映其基础资产。如果无法追回损失的资金，该团队正在探索对用户进行补偿的方案。

Akropolis: $2 Million Drained

Akropolis：耗尽 200 万美元

Akropolis suffered a $2 million loss due to the exploitation of pooltokens minted without adequate asset backing. To enhance security, Akropolis has implemented additional checks for deposit tokens and re-entrancy guards for deposits and withdrawals. The team plans to conduct thorough contract testing and gradually reopen staking pools next week.

由于在没有足够资产支持的情况下铸造的矿池代币被利用，Akropolis 遭受了 200 万美元的损失。为了增强安全性，Akropolis 对存款代币实施了额外的检查，并对存款和取款进行了重入防护。该团队计划在下周进行彻底的合约测试并逐步重新开放质押池。

The Flash Loan Dilemma: Boon or Bane?

闪电贷困境：是福还是祸？

Flash loans are a unique feature of DeFi protocols, allowing users to borrow funds without collateral, provided the loan is repaid within the same block. This has enabled speculators to uncover protocol weaknesses without the need for significant capital. While some argue that flash loans expose vulnerabilities sooner, others condemn them as dangerous tools that jeopardize user funds.

闪电贷是 DeFi 协议的一个独特功能，允许用户在没有抵押的情况下借入资金，前提是贷款在同一个区块内偿还。这使得投机者无需大量资金即可发现协议的弱点。虽然一些人认为闪电贷会更快地暴露漏洞，但另一些人则谴责它们是危及用户资金的危险工具。

The ongoing rise in DeFi attacks, culminating in $346 million stolen to date, has raised concerns about the security of these platforms. DeFi protocols are collaborating with security firms to recover lost funds and strengthen their defenses.

DeFi 攻击持续增加，迄今为止已导致 3.46 亿美元被盗，引发了人们对这些平台安全性的担忧。 DeFi 协议正在与安全公司合作，以追回丢失的资金并加强防御。

As the DeFi ecosystem continues to evolve, the delicate balance between innovation and security will remain a paramount concern. The recent flash loan attacks serve as a stark reminder of the risks associated with this rapidly expanding domain.

随着 DeFi 生态系统的不断发展，创新与安全之间的微妙平衡仍将是最重要的问题。最近的闪电贷攻击清楚地提醒我们，这个快速扩张的领域存在风险。