bitcoin
bitcoin

$94148.178824 USD

-2.12%

ethereum
ethereum

$3400.708097 USD

1.57%

tether
tether

$0.998478 USD

-0.03%

xrp
xrp

$2.236826 USD

1.00%

bnb
bnb

$683.719165 USD

0.76%

solana
solana

$191.424055 USD

3.94%

dogecoin
dogecoin

$0.320466 USD

1.26%

usd-coin
usd-coin

$0.999919 USD

0.00%

cardano
cardano

$0.897627 USD

0.02%

tron
tron

$0.252095 USD

0.50%

avalanche
avalanche

$39.141781 USD

5.71%

chainlink
chainlink

$23.932396 USD

3.78%

toncoin
toncoin

$5.646699 USD

3.43%

sui
sui

$4.508505 USD

4.26%

shiba-inu
shiba-inu

$0.000022 USD

2.01%

加密货币新闻

随着朝鲜黑客可能针对该项目的猜测激增,超流动性回落

2024/12/24 04:23

HYPE代币价格近两天暴跌,稳定币USDC约2.1亿美元存款流出平台

随着朝鲜黑客可能针对该项目的猜测激增,超流动性回落

Hyperliquid, a blockchain undertaking constructed for buying and selling that ascended to the highest echelons of crypto headlines following final month’s airdrop of its new HYPE token, now seems to be beating a retreat because of speculation surging on social media that it could be within the crosshairs of North Korean hackers.  

Hyperliquid 是一家专为买卖而构建的区块链企业,上个月空投新的 HYPE 代币后,该企业登上了加密货币头条新闻的最高梯队,但现在似乎正在撤退,因为社交媒体上猜测它可能成为焦点。朝鲜黑客。

The HYPE token value has plummeted within the final two days, and a few $210 million of deposits within the stablecoin USDC have flowed off the platform, a report-breaking day by day quantity, in keeping with a dashboard on the analytics platform Dune Analytics created by Hashed_Official. As of press time, remaining deposits stood at roughly $2.1 billion. 

HYPE 代币价值在过去两天内暴跌,稳定币 USDC 中的 2.1 亿美元存款已从平台流出,根据 Dune Analytics 创建的分析平台上的仪表板,这一数字每天都在打破报告。由 Hashed_Official 提供。截至发稿时,剩余存款约为21亿美元。

Some canny opportunists have even spun up a prediction market on Polymarket for users to bet on whether the undertaking could be exploited earlier than February. Current odds point to a 14% probability of that taking place. 

一些精明的机会主义者甚至在 Polymarket 上设立了一个预测市场,供用户在 2 月份之前押注该项目是否会被利用。目前的赔率表明这种情况发生的可能性为 14%。

The speculation was touched off as Taylor Monahan, a developer at crypto wallet provider MetaMask, shared her worries on social media. CoinDesk famous the outflows in a tale printed earlier Monday. 

加密钱包提供商 MetaMask 的开发人员泰勒·莫纳汉 (Taylor Monahan) 在社交媒体上分享了她的担忧,引发了这一猜测。 CoinDesk 在周一早些时候发表的一篇报道中指出了资金外流的情况。

Monahan indicated that wallet addresses identified as belonging to suspected North Koreans have been actively using Hyperliquid – one in every of which was liquidated on Saturday when the worth of Ethereum’s cryptocurrency, ETH, dropped, leading to a loss of about half 1,000,000 dollars.

莫纳汉表示,被认定为疑似朝鲜人的钱包地址一直在积极使用 Hyperliquid——周六,当以太坊加密货币 ETH 的价值下跌时,每个钱包地址都被清算,导致约 100 万美元的损失。

Read More: Polygon Community to Reject Proposal for Yield on Bridged Assets, but Beef With Aave Escalates

阅读更多:Polygon 社区拒绝桥接资产收益提案,但与 Aave 的矛盾升级

On Sunday, Monahan posted on X a screenshot of a message she says she wrote two weeks ago to the Hyperliquid team — as evidence that she had warned them of the elevated risk.   

周日,莫纳汉在 X 上发布了一张她自称两周前写给 Hyperliquid 团队的消息的屏幕截图,作为她警告他们风险升高的证据。

“I am quite concerned that you guys are at increased risk due to the fact we know that these specific threat actors are now intimately familiar with your platform,” Monahan wrote at the time, according to the screenshot. She emphasized that North Korean hackers are sophisticated, creative, and persistent.

根据屏幕截图,莫纳汉当时写道:“我非常担心你们面临的风险会增加,因为我们知道这些特定的威胁行为者现在非常熟悉你们的平台。”她强调,朝鲜黑客经验丰富、富有创造力且坚持不懈。

In her recent post, Monahan shared 12 addresses she identified as likely belonging to North Koreans that are active on Hyperliquid. None of the addresses appear to be on a sanctions list administered by the U.S. Office of Foreign Assets Control, Unchained confirmed.

Monahan 在最近的帖子中分享了 12 个她认为可能属于活跃于 Hyperliquid 的朝鲜人的地址。 Unchained 证实,这些地址似乎都不在美国外国资产控制办公室管理的制裁名单上。

Monahan said she shared her concerns on X, because the Hyperliquid team had “ghosted” her, a colloquialism for not responding. 

莫纳汉表示,她对 X 表达了自己的担忧,因为 Hyperliquid 团队“幽灵”了她,这是一种通俗说法,表示没有回应。

A pseudonymous developer for the Hyperliquid project, who goes by @iliensinc, wrote in the protocol’s Discord server early Monday that, “Hyperliquid Labs is aware of reports circulating regarding activity by supposed DPRK addresses.”

周一早些时候,Hyperliquid 项目的一位化名开发人员(@iliensinc)在该协议的 Discord 服务器上写道,“Hyperliquid Labs 知道有关所谓朝鲜地址活动的报告。”

“There has been no DPRK exploit – or any exploit for that matter – of Hyperliquid,” according to the post. “All user funds are accounted for.” 

帖子称:“朝鲜没有利用过 Hyperliquid,也没有任何与此相关的利用。” “所有用户资金均已入账。”

Hyperliquid’s Security Set-Up

Hyperliquid 的安全设置

The validator set of the Hyperliquid blockchain secures the protocol’s EVM bridge, according to the protocol’s documentation. To trade on Hyperliquid, crypto users have to switch their wallet address to Arbitrum and deposit the stablecoin USDC into Hyperliquid’s bridging contract, which is less than two years old and has more than $2.1 billion at press time.

根据协议文档,Hyperliquid 区块链的验证器集可保护协议的 EVM 桥。要在 Hyperliquid 上进行交易,加密货币用户必须将钱包地址切换到 Arbitrum,并将稳定币 USDC 存入 Hyperliquid 的桥接合约中,该合约不到两年,截至发稿时价值超过 21 亿美元。

Mudit Gupta, chief information security officer at Polygon Labs, said on X, “Hyperliquid bridge is controlled by two 3-of-4 hot wallet multisigs, managed by a single binary. I’d advise them to increase this threshold and eliminate the single point of failure instead of attacking security researchers.”

Polygon Labs 首席信息安全官 Mudit Gupta 在 X 上表示:“Hyperliquid 桥由两个 4 中 3 的热钱包多重签名控制,由单个二进制文件管理。我建议他们提高这个门槛并消除单点故障,而不是攻击安全研究人员。”

Unchained was unable to confirm the details in the project’s documentation. 

Unchained 无法确认该项目文档中的详细信息。

Adrian Hetman, head of triaging at bug bounty platform Immunefi, told Unchained in emailed comments that, “In any case, relying primarily on a 3/4 validator setup as the main protection for their bridge is highly risky.” 

Bug 赏金平台 Immunefi 的分类负责人 Adrian Hetman 在电子邮件评论中告诉 Unchained,“无论如何,主要依靠 3/4 验证器设置作为其桥的主要保护是非常危险的。”

North Korean hackers previously have targeted bridge smart contracts to steal funds, notably in incidents involving the Ronin and Harmony bridges.

朝鲜黑客此前曾针对桥梁智能合约窃取资金,特别是在涉及 Ronin 和 Harmony 桥梁的事件中。

Some commenters on social media remarked that Monahan was spreading “FUD” – an acronym that stands for “fear, uncertainty, and doubt” – while others suggested that she was seeking attention for herself. 

社交媒体上的一些评论者评论说,莫纳汉正在传播“FUD”——代表“恐惧、不确定性和怀疑”的缩写——而其他人则认为她是在为自己寻求关注。

Monahan said she wouldn’t have aired the criticisms without first attempting to notify the Hyperliquid team. 

莫纳汉表示,如果没有首先尝试通知 Hyperliquid 团队,她不会发表这些批评。

“If there was any chance of them listening to me, I wouldn’t have tweeted and especially not in that way,” she wrote in a Telegram group chat with over 4,400 members. 

“如果他们有机会听我说话,我就不会发推文,尤其不会以这种方式,”她在拥有 4,400 多名会员的 Telegram 群聊中写道。

“I would be sh-tting my pants right now,” Monahan wrote. 

“我现在就要尿裤子了,”莫纳汉写道。

Hyperliquid’s @iliensinc said in the Discord post someone reached out to the team with security concerns but communicated using insults and profanity. “Given the level of professionalism displayed, Labs conferred instead with trusted parties,” per @iliensinc’s Discord announcement. 

Hyperliquid 的 @iliensinc 在 Discord 帖子中表示,有人出于安全考虑联系了该团队,但在交流中使用了侮辱和脏话。根据 @iliensinc 的 Discord 公告,“鉴于所表现出的专业水平,实验室转而与值得信赖的各方进行协商”。

Hyperliquid

超流动性

新闻来源:unchainedcrypto.com

免责声明:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

2024年12月24日 发表的其他文章