|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
今天,有关朝鲜黑客攻击的谣言不断流传,导致用户从该平台撤回 6000 万美元。
Hyperliquid, a decentralized exchange (DEX), has denied rumors of a hack by North Korea's Lazarus Group, despite on-chain data showing large-scale fund withdrawals from suspicious wallet addresses linked to the group.
去中心化交易所(DEX)Hyperliquid 否认了有关朝鲜 Lazarus 集团遭到黑客攻击的传言,尽管链上数据显示,有大量资金从与该集团相关的可疑钱包地址中提取。
On December 23, several North Korea-linked wallet addresses reportedly deposited and withdrew substantial amounts of ETH from Hyperliquid, according to on-chain data analysis.
据链上数据分析,12 月 23 日,据报道,几个与朝鲜相关的钱包地址从 Hyperliquid 存入和提取了大量 ETH。
This activity has sparked speculation among members of the crypto community, who are closely monitoring the situation and awaiting official statements from the exchange and relevant authorities.
这一活动引发了加密货币社区成员的猜测,他们正在密切关注事态发展,并等待交易所和有关当局的官方声明。
Meanwhile, Taylor Monahan, a security expert at Metamask, has expressed concern over the lack of clear signs of user fund manipulation by the hackers. According to Monahan, the hackers may have already breached Hyperliquid's security without directly interfering with user funds.
与此同时,Metamask 安全专家泰勒·莫纳汉 (Taylor Monahan) 对缺乏黑客操纵用户资金的明显迹象表示担忧。莫纳汉表示,黑客可能已经在没有直接干扰用户资金的情况下破坏了 Hyperliquid 的安全性。
“The hackers do not need to touch any user funds to pwn the platform. Any party that is able to do a full technical audit of the platform will be able to identify clear vulnerabilities in the code or architecture of the platform. These should then be shared with the platform team for them to fix,” stated Monahan.
“黑客不需要动用任何用户资金就可以攻击该平台。任何能够对平台进行全面技术审核的一方都将能够识别平台代码或架构中的明显漏洞。然后应将这些问题与平台团队共享,以便他们进行修复。”Monahan 说道。
Hyperliquid yet to Address Lazarus Accusations Publicly
Hyperliquid 尚未公开回应拉撒路的指控
Rumors of the Lazarus Group targeting Hyperliquid began circulating today, prompting many users to withdraw around $60 million from the platform.
有关 Lazarus 集团针对 Hyperliquid 的谣言今天开始流传,促使许多用户从该平台提取了约 6000 万美元。
As these rumors spread, the exchange's HYPE token was already experiencing a decline, leading official accounts to attempt damage control through Discord messages.
随着这些谣言的传播,该交易所的 HYPE 代币已经出现下跌,导致官方账户试图通过 Discord 消息来控制损害。
“There has been no DPRK exploit- or any exploit for that matter- of Hyperliquid. All user funds are acounted for. Hyperliquid Labs takes OpSec seriously. No Vulnerabilities have been shared by any party. To be clear, there was never any allegation of any exploit on Hyperliquid,” posted one of the platform's executives on Discord.
“朝鲜没有利用过 Hyperliquid,也不存在任何与此相关的利用。所有用户资金均已入账。 Hyperliquid Labs 非常重视 OpSec。任何一方均未共享任何漏洞。需要明确的是,从来没有任何针对 Hyperliquid 的任何利用的指控,”该平台的一位高管在 Discord 上发帖称。
While the platform executives are denying any Lazarus Group involvement and claiming that all user funds are accounted for, Hyperliquid has yet to make any public statements or announcements to address the accusations.
尽管平台高管否认 Lazarus Group 参与其中,并声称所有用户资金均已入账,但 Hyperliquid 尚未发表任何公开声明或公告来回应这些指控。
On the other hand, the on-chain data analysis reveals that Lazarus-linked accounts did indeed deposit $476,489 in ETH tokens onto Hyperliquid before subsequently withdrawing them.
另一方面,链上数据分析显示,Lazarus 关联账户确实将 476,489 美元的 ETH 代币存入 Hyperliquid,然后又将其提取。
While these movements alone may not definitively indicate an exploit, the large volume of outflow from suspicious wallet addresses in a single day is certainly raising eyebrows.
虽然这些动作本身可能并不能明确表明存在漏洞,但可疑钱包地址在一天之内的大量流出无疑令人震惊。
However, MetaMask security expert Taylor Monahan is urging greater caution. Given the crypto industry's familiarity with the severity of any incident linked to the infamous Lazarus Group, Hyperliquid should be taking its threats very seriously, according to the security expert
然而,MetaMask 安全专家泰勒·莫纳汉 (Taylor Monahan) 敦促大家更加谨慎。安全专家表示,鉴于加密行业对与臭名昭著的拉撒路集团有关的任何事件的严重性都很熟悉,Hyperliquid 应该非常认真地对待其威胁
“I am quite concerned that you guys are at increased risk due to the fact that we know that these specific threat actors are now intimately familiar with your platform. I really want to emphasize that these are the most sophisticated and rapidly evolving of all the DPRK threat groups. They are very creative and persistent,” claimed Monahan.
“我非常担心你们面临的风险会增加,因为我们知道这些特定的威胁行为者现在非常熟悉你们的平台。我真的想强调,这些组织是所有朝鲜威胁组织中最复杂、发展最快的。他们非常有创造力并且坚持不懈。”莫纳汉说道。
Monahan went on to state that the exchange's evasive and defiant attitude is a very worrying sign. Even if Lazarus hasn't disturbed any of the funds on Hyperliquid, it may have already penetrated its security.
莫纳汉接着表示,该交易所的回避和挑衅态度是一个非常令人担忧的迹象。即使 Lazarus 没有扰乱 Hyperliquid 上的任何资金,它也可能已经渗透了其安全性。
The Metamask security expert also highlighted that the firm has no more than 4 validators, all of which run the same code, and an unknown number of higher-ups who can bypass key security vulnerabilities.
Metamask 安全专家还强调,该公司拥有不超过 4 个验证器,所有验证器都运行相同的代码,并且有数量未知的可以绕过关键安全漏洞的高层。
“In short, if any of the founders, executives, or engineers use the same devices to access the same systems, then one malware link could unravel the whole operation. Lateral movement is one of the key strategies of North Korean hackers, where they leverage multiple access points to move through a network. So, if one high-level person's private device gets compromised, a major hack becomes inevitable. But, as of now, Hyperliquid does not seem stressed about these accusations.
“简而言之,如果任何创始人、高管或工程师使用相同的设备访问相同的系统,那么一个恶意软件链接就可能破坏整个操作。横向移动是朝鲜黑客的关键策略之一,他们利用多个接入点在网络中移动。因此,如果一位高层人员的私人设备受到损害,重大黑客攻击就不可避免。但截至目前,Hyperliquid 似乎并未对这些指控感到压力。
免责声明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- XRP 鲸鱼积累 4000 万代币,价格面临 3 美元阻力
- 2024-12-25 01:55:01
- XRP 正在波动的环境中航行,因为在更广泛的市场调整中,其向 3 美元阻力位的推动似乎已陷入停滞。
-
- Bitget Token(BGB)价格预测:为何BGB暴涨470%后可能回落?
- 2024-12-25 01:50:01
- 尽管加密货币行业的圣诞老人反弹仍然难以捉摸,但 Bitget 代币价格本周继续飙升。
-
- 以太坊 Gas 费用:长期存在的挑战和创新的催化剂
- 2024-12-25 01:50:01
- 在不断发展的区块链技术世界中,以太坊长期以来一直占据主导地位,尤其是在去中心化应用程序(dApp)和智能合约方面。