大规模 DeFi 漏洞：ARB Chain 和 Hedgey Finance 的数百万代币被盗

加密货币市场最近因两起重大事件而面临重大损失。 ARB 链上的漏洞导致 4280 万美元的代币被盗，这些代币是由可疑地址精心策划的。 Hedgey Finance 还遭遇了安全漏洞，由于被盗资金被转换为 DAI 并转移到外部账户，导致损失 190 万美元。

Massive DeFi Breach: Attackers Siphon Millions in Tokens from ARB Chain and Hedgey Finance

大规模 DeFi 漏洞：攻击者从 ARB Chain 和 Hedgey Finance 窃取数百万代币

The cryptocurrency market has been rocked by a series of high-profile hacks, demonstrating the continued vulnerabilities within the decentralized finance (DeFi) ecosystem. Two recent incidents have resulted in the theft of over $40 million worth of tokens, raising concerns about the security of blockchain-based financial systems.

加密货币市场受到一系列备受瞩目的黑客攻击的冲击，这表明去中心化金融（DeFi）生态系统中仍然存在漏洞。最近发生的两起事件导致价值超过 4000 万美元的代币被盗，引发了人们对基于区块链的金融系统安全性的担忧。

ARB Chain Exploitation

ARB链利用

Web3 security firm Cyvers has revealed that an unidentified attacker exploited a vulnerability on the ARB platform, draining $42.8 million worth of tokens. The malicious address responsible for the attack, 0xc7241e27ee4b8d32b59a10e848b48530047a8c5b, executed a series of transactions to transfer the stolen funds, including 200,000 $BONUS tokens and $110,000 to Bybit_Official.

Web3 安全公司 Cyvers 透露，一名身份不明的攻击者利用了 ARB 平台上的漏洞，损失了价值 4280 万美元的代币。发起此次攻击的恶意地址 0xc7241e27ee4b8d32b59a10e848b48530047a8c5b 执行了一系列交易来转移被盗资金，其中包括 200,000 $BONUS 代币和 110,000 美元至 Bybit_Official。

The incident highlights the growing sophistication of attackers targeting DeFi protocols. The exploitation of the ARB chain demonstrates the importance of robust security measures and timely incident response mechanisms to mitigate potential losses.

该事件凸显了针对 DeFi 协议的攻击者的技术日益成熟。 ARB 链的利用证明了强大的安全措施和及时的事件响应机制对于减轻潜在损失的重要性。

Hedgey Finance Token Claim Contract Hack

Hedgey Finance 代币索赔合约黑客攻击

In a separate incident, Hedgey Finance's token claim contract was compromised, resulting in the theft of approximately $1.9 million. The attacker, whose funds were traced back to ChangeNOW_io, swiftly laundered the stolen tokens into DAI and transferred them to an external account.

在另一起事件中，Hedgey Finance 的代币索赔合同遭到破坏，导致约 190 万美元被盗。攻击者的资金可追溯到 ChangeNOW_io，他迅速将窃取的代币洗成 DAI，并将其转移到外部账户。

The Hedgey Finance team promptly issued an alert and advised users to revoke all permissions associated with the compromised contract. The platform has initiated procedures for the cancellation of affected withdrawals and is collaborating with cybersecurity experts and auditors to investigate the nature of the attack and implement appropriate mitigation measures.

Hedgey Finance 团队立即发出警报，并建议用户撤销与受损合约相关的所有权限。该平台已启动取消受影响提款的程序，并正在与网络安全专家和审计师合作，调查攻击的性质并实施适当的缓解措施。

DeFi Security Concerns

DeFi 安全问题

These incidents serve as a stark reminder of the challenges facing the DeFi industry as it continues to grapple with complex online threats. The absence of centralized oversight and the interconnectedness of blockchain networks make it imperative for protocols to invest heavily in security infrastructure and adopt robust incident response plans.

这些事件清楚地提醒人们，DeFi 行业在继续应对复杂的在线威胁时所面临的挑战。由于缺乏集中监管和区块链网络的互连性，协议必须大力投资安全基础设施并采用强大的事件响应计划。

Mitigating Risks

降低风险

To mitigate the risks associated with DeFi, several measures can be taken. These include:

为了减轻与 DeFi 相关的风险，可以采取多种措施。这些包括：

• Implementing rigorous security audits by independent experts
• Enforcing strict access control and authorization mechanisms
• Utilizing multi-layered security solutions such as firewalls and intrusion detection systems
• Educating users on DeFi security best practices, such as using strong passwords and avoiding suspicious links
• Establishing clear and comprehensive incident response plans to minimize losses in the event of a breach

Conclusion

由独立专家实施严格的安全审计执行严格的访问控制和授权机制利用防火墙和入侵检测系统等多层安全解决方案向用户传授 DeFi 安全最佳实践，例如使用强密码和避免可疑链接建立清晰全面的事件响应计划以最大程度地减少损失如果发生违规结论

The recent hacks on ARB Chain and Hedgey Finance underscore the need for continued vigilance and collaboration within the DeFi ecosystem. By adhering to best practices, sharing information on emerging threats, and working closely with security experts, the industry can strengthen its defenses and enhance user confidence in the future of decentralized finance.

最近 ARB Chain 和 Hedgey Finance 遭受的黑客攻击凸显了 DeFi 生态系统内持续保持警惕和协作的必要性。通过坚持最佳实践、共享有关新兴威胁的信息以及与安全专家密切合作，该行业可以加强防御并增强用户对去中心化金融未来的信心。