尽管盗窃了 3.26 亿美元，但黑客仍有资格利用虫洞漏洞获得 5 万美元奖励

由于 Wormhole 的疏忽未能排除与黑客攻击相关的钱包，价值 3.26 亿美元的 Wormhole 漏洞攻击者已经有资格索取超过 50,000 美元的 W 代币。这一资格源于 2022 年 2 月漏洞利用期间进行的交易，之后 Wormhole 将其代币空投给其跨链消息基础设施的早期采用者。该事件仍然是最大的加密安全漏洞之一，利用该漏洞铸造了 120,000 个虫洞以太币 (whETH)。

Wormhole Exploitation: Hacker Eligible to Claim over $50,000 in Rewards

虫洞利用：黑客有资格获得超过 50,000 美元的奖励

April 4, 2023 - The perpetrator behind the notorious $326 million exploit on the Wormhole cross-chain bridge has unexpectedly become eligible to claim over $50,000 worth of W tokens. This revelation has sparked concerns about the integrity of the Wormhole airdrop and raised questions about the project's security measures.

2023 年 4 月 4 日——虫洞跨链桥臭名昭著的 3.26 亿美元漏洞背后的肇事者出人意料地有资格领取价值超过 50,000 美元的 W 代币。这一消息引发了人们对虫洞空投完整性的担忧，并引发了对该项目安全措施的质疑。

According to a report by Degen News, the hacker's eligibility stems from transactions made using four wallets during the February 2022 exploit. These transactions qualified the perpetrator for 31,000 W tokens, a substantial portion of the 617 million tokens airdropped to early adopters.

据 Degen News 报道，黑客的资格源于 2022 年 2 月漏洞利用期间使用四个钱包进行的交易。这些交易使犯罪者有资格获得 31,000 W 代币，这是空投给早期采用者的 6.17 亿代币中的很大一部分。

The eligibility issue was discovered on April 3 by Pland, another Degen News user, after Wormhole inadvertently failed to exclude the wallets linked to the hack. The airdrop was conducted on the same day, distributing tokens to individuals who had interacted with Wormhole's cross-chain messaging protocol.

4 月 3 日，另一位 Degen News 用户 Pland 发现了这个资格问题，此前 Wormhole 无意中未能排除与黑客攻击有关的钱包。空投在同一天进行，将代币分发给与 Wormhole 跨链消息协议交互的个人。

Rekt News, a prominent security-focused outlet, has highlighted the Wormhole incident as the fifth largest crypto theft in history. The hacker bypassed the project's smart contract to mint 120,000 Wormhole Ether (whETH) on February 2, 2022.

Rekt News 是一家著名的安全媒体，它强调虫洞事件是历史上第五大加密货币盗窃事件。黑客绕过该项目的智能合约，于 2022 年 2 月 2 日铸造了 120,000 个虫洞以太币（whETH）。

The exploit prompted the perpetrator to transfer 93,750 Ether back to the Ethereum network and liquidate their remaining holdings on Solana into USD Coin (USDC) and SOL. However, the entire loss was covered by Wormhole's backer, Jump Crypto, the following day.

该漏洞促使犯罪者将 93,750 以太币转移回以太坊网络，并将其在 Solana 上的剩余资产清算为美元硬币 (USDC) 和 SOL。然而，第二天，Wormhole 的支持者 Jump Crypto 就弥补了全部损失。

The revelation of the hacker's eligibility for rewards has cast a shadow over Wormhole's airdrop. Critics have argued that excluding the hacker's wallets should have been a priority for the team, as it would have prevented the distribution of tokens to a known malicious actor.

黑客获得奖励资格的曝光给虫洞的空投蒙上了阴影。批评者认为，排除黑客的钱包应该是该团队的首要任务，因为这可以防止将代币分发给已知的恶意行为者。

The incident has also reignited concerns about Wormhole's security protocols. The fact that the hacker was able to bypass the project's smart contract has raised questions about the robustness of the code and the project's overall security posture.

该事件也重新引发了人们对 Wormhole 安全协议的担忧。黑客能够绕过该项目的智能合约这一事实引发了人们对代码的稳健性和项目整体安全状况的质疑。

Wormhole has yet to comment on the situation or provide an explanation for the failure to exclude the hacker's wallets from the airdrop. The project's team is expected to issue a statement in the coming days to address the public's concerns and provide further details on the eligibility criteria.

Wormhole 尚未对此事发表评论，也没有对未能将黑客的钱包排除在空投之外提供解释。该项目团队预计将在未来几天发布一份声明，以解决公众的担忧，并提供有关资格标准的更多细节。