Infini由于保留的管理员访问而遭受了4900万美元的违规，被盗的资金交换为DAI，转换为ETH，安全问题上升

以加密货币为中心的新牛现在遭受了严重的安全漏洞。数据显示，攻击者利用其保留的行政访问权限，可窃取4,900万美元。

A crypto-focused neobank named Infini has fallen victim to a large-scale security breach, as per recent reports. The breach was made possible by an attacker who managed to retain administrative access after working on Infini's development as an external contractor. This breach resulted in the theft of funds valued at $49 million, which were then converted into DAI before being exchanged for Ethereum (ETH).

根据最近的报道，一个以加密货币为中心的Neobank被称为Infini的新库库遭受了大规模安全漏洞的受害者。攻击者使违规行为成为可能，后者在Infini作为外部承包商的发展工作后设法保留了行政访问。这一违规行为导致盗窃价值4,900万美元的资金，然后将其转换为Dai，然后被换成以太坊（ETH）。

Cyvers Alerts has pinpointed an internal system vulnerability as the primary cause of this financial breach. The perpetrator in question had worked on Infini's development as an external contractor prior to the attack. Upon completing their work on the project, they surreptitiously maintained their administrator rights. Later on, they used this unauthorized access to target the system.

Cyvers Alerts已将内部系统漏洞确定为这种财务违规的主要原因。有问题的肇事者在袭击之前一直在Infini作为外部承包商的发展。完成该项目的工作后，他们秘密地维护了其管理员权利。稍后，他们使用了针对系统的未经授权的访问。

The attacker's preparations for the attack spanned over 100 days before its successful execution. They initiated the transaction by utilizing TornadoCash as their payment gateway, a privacy tool designed to conceal their identity. Following the initial ETH transaction, a small withdrawal was made to cover gas fees. Finally, the hackers employed the contract to pilfer all remaining funds within Infini's system, completing the breach.

攻击者对袭击的准备工作在成功执行之前已经跨越了100天。他们通过利用Tornadocash作为支付网关来启动交易，这是一种旨在隐藏其身份的隐私工具。最初的ETH交易之后，进行了少量戒断以支付汽油费。最后，黑客雇用了合同来窃取Infini系统中的所有剩余资金，完成了违约。

This security breach incident has brought expanding security concerns to the forefront of the cryptocurrency industry. The problem of insider threats remains a significant danger to platforms that utilize smart contracts. Even organizations with deep industry knowledge can become vulnerable to such attacks if they lack proper access control systems in place. The cryptocurrency industry as a whole requires more frequent security assessments and enhanced developer permission tracking.

这一安全违规事件使加密货币行业的最前沿使安全问题扩大。内幕威胁的问题仍然对利用智能合约的平台构成了重大危险。如果具有深厚行业知识的组织，如果他们缺乏适当的访问控制系统，也可能会容易受到此类攻击的影响。整个加密货币行业需要更频繁的安全评估和增强的开发人员许可跟踪。

The Infini breach is just one episode in a series of recent security breaches. On February 21, Bybit, a leading cryptocurrency exchange, was hit by a $1.4 billion hack. The hack, which occurred just days before the Infini breach, was the largest cryptocurrency exchange theft on record. The Infini breach adds to the growing number of security incidents targeting the crypto domain.

在最近的一系列安全漏洞中，Infini违规只是一集。 2月21日，领先的加密货币交易所Bybit被14亿美元的黑客袭击。该黑客发生在Infini违规前几天，是有记录以来最大的加密货币交换盗窃案。 Infini违规增加了针对加密型域的越来越多的安全事件。

As the market grows, companies are being forced to adopt stronger security measures. Multiple security measures, such as scheduled evaluations, dual authorizations, and increased supervision, will help prevent further incidents from occurring. Investors and users alike should be aware of these risks and choose crypto solutions that prioritize robust security platforms.

随着市场的增长，公司被迫采取更强大的安全措施。多种安全措施，例如预定的评估，双重授权和增加的监督，将有助于防止发生进一步的事件。投资者和用户都应意识到这些风险，并选择优先考虑强大安全平台的加密解决方案。