黑客入侵均衡器 DEX，偷偷耗尽用户资金

5 月 14 日，一名黑客利用去中心化交易所 Equalizer，通过不被注意的小额交易耗尽用户资金。该黑客的钱包创建于 222 天前，迄今为止已收到超过 2,353 个 EQUAL 和各种其他代币。该漏洞始于 2,500 个 SpookySwap 流动性代币被盗，导致数百万其他代币丢失。此次黑客攻击导致 EQUAL 的市值下降 11%。 Equalizer 团队正在调查该事件，并建议用户停止与交易所互动并撤销批准，以防止进一步损失。

Hacker Exploits Equalizer DEX, Drains User Funds in Stealthy Scheme

黑客利用均衡器 DEX，秘密窃取用户资金

On May 14, a malicious actor launched an audacious attack against the decentralized exchange (DEX) Equalizer, siphoning user funds through a series of covert transactions. The theft remained undetected until the Equalizer team issued a public warning urging users to cease interactions with the exchange.

5 月 14 日，一名恶意攻击者对去中心化交易所（DEX）Equalizer 发起了大胆攻击，通过一系列隐蔽交易吸走了用户资金。直到 Equalizer 团队发布公开警告，敦促用户停止与交易所互动之前，盗窃事件仍未被发现。

At the time of reporting, the hacker has accrued approximately 2,353 Equalizer (EQUAL) tokens and an assortment of other crypto assets belonging to unsuspecting users. Despite the relatively low value of the stolen tokens, the attacker's cunning approach allowed them to pilfer funds under the radar, evading detection for an extended period.

截至报告发布时，黑客已积累了大约 2,353 个 Equalizer (EQUAL) 代币以及属于毫无戒心的用户的各种其他加密资产。尽管被盗代币的价值相对较低，但攻击者的狡猾方法使他们能够在雷达下窃取资金，从而长时间逃避检测。

Investigations reveal that the hacker's illicit activities commenced on May 14 at approximately 4:10 am UTC, with the drainage of 2,500 SpookySwap liquidity tokens (spLP). This initial breach paved the way for the subsequent theft of numerous other tokens from unsuspecting users.

调查显示，黑客的非法活动于世界标准时间 5 月 14 日凌晨 4:10 左右开始，导致 2,500 个 SpookySwap 流动性代币 (spLP) 被流失。这一最初的违规行为为随后从毫无戒心的用户手中窃取大量其他代币铺平了道路。

To date, the hacker has amassed a sizable haul, including:

迄今为止，黑客已经积累了大量信息，包括：

• 2,353 EQUAL across five transactions
• 510,579 FantomStarter (FS)
• 2,500 spLP
• 6 million AnyInu (AI)
• 985,565 ChillPill (CHILL)
• 50,000 WigoSwap (WIGO)
• 25 multiDEUS (DEUS)

The brazen attack has taken its toll on the EQUAL token price, which has plummeted nearly 11% on the day to hover around $8.90. To exacerbate the situation, a scammer seized the opportunity to create a fraudulent Equalizer X account, deceptively advertising a non-existent refund scheme for affected users.

五笔交易中 2,353 EQUAL510,579 FantomStarter (FS)2,500 spLP6 百万 AnyInu (AI)985,565 ChillPill (CHILL)50,000 WigoSwap (WIGO)25 multiDEUS (DEUS)这次无耻的攻击对 EQUAL 代币价格造成了影响，其价格暴跌近当日涨幅 11%，徘徊在 8.90 美元附近。为了加剧这种情况，诈骗者抓住机会创建了一个欺诈性的 Equalizer X 帐户，欺骗性地为受影响的用户宣传了一个不存在的退款计划。

While the investigation into the exploit continues, the Equalizer team is actively working to ascertain the scope and nature of the breach. Through the Equalizer Discord channel, the team has issued a stern warning to users, urging them to implement immediate protective measures:

在对漏洞的调查仍在继续的同时，Equalizer 团队正在积极努力确定漏洞的范围和性质。通过Equalizer Discord频道，团队已向用户发出严厉警告，敦促他们立即实施防护措施：

"If connecting to the dapp [[Connect Wallet]] asks you to Approve something, immediately Stop using that site. If the dapp asks you to interact with a contract you have never interacted with earlier, Stop using that site. If it asks you to approve any contract that is unknown or not in our docs, Stop using that site."

“如果连接到 dapp [[Connect Wallet]] 要求您批准某些内容，请立即停止使用该网站。如果 dapp 要求您与您之前从未互动过的合约进行交互，请停止使用该网站。如果它要求您要批准我们文档中未知或未包含的任何合同，请停止使用该网站。”

According to Equalizer Discord member "543," users who have refrained from interacting with Equalizer websites within the past six hours are considered safe. However, users who have engaged with the websites during that timeframe are advised to "revoke all your approvals made during this time."

根据 Equalizer Discord 成员“543”的说法，过去六个小时内没有与 Equalizer 网站互动的用户被认为是安全的。但是，建议在此期间访问过这些网站的用户“撤销在此期间所做的所有批准”。

The Discord user "543" emphasized the importance of revoking approvals, citing the potential for ongoing exploitation. Source: Equalizer Discord channel

Discord 用户“543”强调了撤销批准的重要性，并指出了持续利用的可能性。来源：Equalizer Discord 频道

In a proactive response, the Equalizer team is "working on restoring the main website" and has strongly advised users to refrain from accessing it until the necessary updates are implemented. The team continues to monitor the situation closely and will provide further updates as they become available.

在积极响应中，Equalizer 团队正在“努力恢复主网站”，并强烈建议用户在实施必要的更新之前不要访问该网站。该团队将继续密切关注局势，并将在有进一步更新时提供。

This incident highlights the ongoing threat posed by malicious actors within the cryptocurrency ecosystem. Users are urged to exercise extreme caution when interacting with decentralized exchanges and to thoroughly research any platform before entrusting it with their digital assets.

这一事件凸显了加密货币生态系统中恶意行为者所构成的持续威胁。我们敦促用户在与去中心化交易所进行交互时要格外小心，并在将数字资产委托给任何平台之前对其进行彻底研究。