四。在三明治攻击后恢复运营，耗资120,000美元

基于BNB连锁的Memecoin发射平台在遭受三明治攻击后恢复了其运营，估计损失了120,000美元。

Four.Meme, a BNB Chain-based memecoin launch platform, has reportedly restored its operations after suffering a sandwich attack that resulted in an estimated $120,000 loss.

据报道，Forth.meme是一家基于BNB连锁的Memecoin发射平台，据报道，遭受了三明治攻击后恢复了其运营，估计损失了120,000美元。

On March 18, Four.Meme announced on X that its launch function was back online following a security review. The platform had temporarily suspended the function earlier in the day to investigate what it described as being “under attack.”

3月18日，有四人在X上宣布，在安全审查后，其启动功能又在线返回。该平台在当天早些时候暂时暂停了该功能，以调查其所描述的“受到攻击”。

“The launch function has now been resumed after a thorough security inspection. Our team has addressed the issue and reinforced system security. Compensation for affected users is underway,” the Four.Meme team stated.

“我们的团队已经解决了该问题，并为受影响的用户提供了补偿。

The post added that the platform was cooperating fully with relevant parties to identify and mitigate any risks involved.

该帖子补充说，该平台正在与相关方充分合作，以识别和减轻所涉及的任何风险。

However, Web3 security firm ExVul identified the exploit as a sandwich attack, a market manipulation tactic where an attacker attempts to execute trades immediately before and after another user’s transaction to inflate trading costs.

但是，Web3安全公司Exvul确定了漏洞攻击是一种三明治攻击，这是一种市场操纵策略，攻击者试图在另一位用户交易前后立即执行交易以使交易成本膨胀。

According to ExVul, the attacker pre-calculated an address to create a liquidity pool’s trading pair and then leveraged one of Four.Meme’s functions to purchase tokens—bypassing the platform’s built-in token transfer restrictions.

根据Exvul的说法，攻击者预先计算了一个地址，以创建流动性池的交易对，然后利用四个。Meme可以购买令牌的功能，这是该平台内置的代币传输限制。

“The hacker lay in wait for Four.Meme to add liquidity to the transaction, ultimately siphoning off the funds,” ExVul explained.

Exvul解释说：“黑客在等待四分之一。

A Deep Dive Into The Attack

深入研究攻击

Meanwhile, blockchain security firm CertiK arrived at a similar conclusion, noting that the attacker manipulated the launch process by transferring an imbalanced number of unlaunched tokens to designated liquidity pair addresses.

同时，区块链安全公司Certik得出了类似的结论，并指出，攻击者通过将不平衡的未扣除令牌传输到指定的流动性对地址来操纵发射过程。

Once the token was officially launched, the attacker inflated the price and sold the tokens at a profit.

令牌正式推出后，攻击者会夸大价格并以获利的价格出售令牌。

One example cited was the SBL token, where the attacker sent a small amount of SBL to the pre-calculated pair address and then profited 21.1 BNB by sandwiching the liquidity-adding transaction at launch.

引用的一个例子是SBL令牌，攻击者在该攻击者中将少量的SBL发送给预定的对地址，然后通过夹在发射时将流动性添加的交易夹住，从而获利了21.1 BNB。

This marks the second exploit on Four.Meme in just over a month. On February 11, the platform suffered a separate attack that led to losses of $183,000 worth of digital assets.

这标志着第二个漏洞的四个月。 2月11日，该平台遭受了另一种攻击，导致价值183,000美元的数字资产损失。

The incident comes amid a broader wave of crypto-related exploits. In February alone, cybercriminals stole $1.53 billion through scams and hacks, with the $1.4 billion Bybit exploit accounting for most of the losses.

该事件发生在更广泛的加密相关漏洞中。仅在2月，网络犯罪分子通过骗局和黑客偷走了15.3亿美元，其中大部分损失的14亿美元bybit利用会计。

According to Chainalysis, crypto crime is becoming more sophisticated, with AI-driven scams, stablecoin laundering, and coordinated cyber syndicates contributing to a $51 billion illicit transaction volume over the past year.

根据链分析，加密犯罪越来越复杂，在过去的一年中，AI驱动的骗局，稳定的洗钱和协调的网络集团造成了51亿美元的非法交易量。