Exponential Rise in Access Control Breaches Sounds the Alarm for Crypto Security

2024/04/17 18:09

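In the first quarter of 2024, access control breaches dominated hacks, accounting for $682 million (83%) of the $824 million stolen. Notable incidents include the Playdapp breach ($290 million), the Chris Larsen wallet hack ($112 million) and the Orbit chain bridge hack ($80 million). Despite these losses, about $444 million (54%) was recovered or frozen because hackers returned funds, white hat hackers disrupted attacks, and project teams took proactive security measures.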

Exponential Rise in Access Control Breaches: A Wake-Up Call for Crypto Security

The first quarter of 2024 has witnessed a surge in cyberattacks targeting the cryptocurrency industry, with access control breaches emerging as the most prevalent and financially damaging exploit type. According to the latest report by Hacken, a leading blockchain security firm, over $824 million was stolen across 67 hacks, with breaches in access control accounting for a staggering 83% of the total funds lost, estimated at $682 million.

Access Control Breaches Dominate the Threat Landscape

Access control breaches, characterized by unauthorized access to critical system components, have surpassed other exploit types as the primary means of infiltrating crypto platforms and stealing digital assets. This vulnerability has been exploited in several high-profile incidents during the first quarter of 2024, leading to massive financial losses.

Four major breaches alone accounted for 66% of the total stolen funds. These include the $290 million hack of Playdapp, a blockchain gaming platform; the $112 million theft from Ripple co-founder Chris Larsen's wallet; the $80 million hack of Orbit, a cross-chain bridge; and the $63 million exploit of Munchables, a Web3 gaming protocol on Blast.

Token Projects Bear the Brunt

Token projects have become a primary target for hackers, with 19 reported incidents in Q1 2024. Other projects, including decentralized autonomous organizations (DAOs) and lending protocols, have also faced significant attacks. Gaming platforms, led by Playdapp's substantial losses, and Web3 gaming protocols like Munchables have suffered the most severe financial impacts.

Notable Individuals and Platforms Compromised

Breached wallets belonging to prominent individuals, DAOs, tokens, bridges, and centralized finance (CeFi) platforms constitute the second-largest category of losses. High-profile incidents involving figures such as Chris Larsen, Jeffrey Zirlin, and AirDAO have highlighted the vulnerability of crypto assets held in private wallets.

A Ray of Hope Amidst the Losses

Despite the staggering losses, Hacken's report provides a glimmer of hope, revealing that approximately $444 million (54%) of the stolen funds has been successfully recovered or frozen through various measures. This includes cases where hackers have returned funds in exchange for bounties, such as in the Seneca Protocol and Dolomite hacks.

White Hat Hackers and Proactive Responses

White hat hackers and ethical security researchers have played a crucial role in recovering stolen funds and mitigating the impact of hacks. Their proactive actions, such as @coffeebabe_eth's intervention in the Blueberry protocol hack, have disrupted attacks and enabled the return of funds to their rightful owners.

The concerted efforts of project teams, white hat hackers, and law enforcement agencies have significantly improved the industry's response to cyberattacks, resulting in a remarkable recovery rate of over half of the stolen funds.

Industry Resilience and Continued Progress

Edgar Pavlovski, Hacken's Senior Blockchain Researcher, emphasized that while the total amount hacked in the first quarter of 2024 was substantial, the recovery of more than half of the stolen funds represents a significant positive development for the security and resilience of the crypto industry.

"The beginning of this year spawned more of the same – losing control of one’s private key remains the largest vector of attack, accounting for 83% of all funds lost," said Pavlovski. "On the bright side, more than half of all stolen funds were either returned or frozen. This represents big advancement compared to previous years, and we expect this dynamic to continue improving over time."

The industry's commitment to enhancing security measures, fostering collaboration between stakeholders, and promoting ethical hacking practices is crucial to mitigating the evolving threat landscape. By adopting proactive measures, crypto platforms and individuals can protect their assets and ensure the long-term growth and sustainability of the decentralized financial ecosystem.
