2024年8月多次网络钓鱼攻击和未经授权的转账导致加密货币行业遭受重大损失

最大的黑客攻击涉及一头鲸鱼被网络钓鱼，损失了 4,064 比特币，损失总计 2.38 亿美元。其他值得注意的黑客攻击包括价值 5540 万美元的 Dai 稳定币盗窃案和价值 1000 万美元的 Ronin Network 漏洞。

August 2024 was a rough month for the cryptocurrency industry, with multiple major hacks leading to significant losses. According to the latest report by blockchain security firm Peckshield, the total losses amounted to $313.86 million.

2024 年 8 月对于加密货币行业来说是艰难的一个月，多次重大黑客攻击导致重大损失。根据区块链安全公司 Peckshield 的最新报告，总损失达 3.1386 亿美元。

The five most common types of hacks were largely rooted in phishing and unauthorized transfers, exposing some of the biggest weaknesses in the crypto market. Here's a closer look at each incident:

五种最常见的黑客类型主要源于网络钓鱼和未经授权的传输，暴露了加密货币市场的一些最大弱点。以下是对每个事件的详细分析：

Phishing Attacks Dominate the Month

网络钓鱼攻击在本月占据主导地位

The largest hack of August occurred on the 19th, when a whale fell victim to a phishing attack, resulting in the theft of 4,064 Bitcoin, valued at approximately $238 million at the time of the incident. The stolen funds were quickly moved across various platforms, including THORChain, KuCoin, and Railgun, making recovery efforts nearly impossible.

8 月最大的黑客攻击发生在 19 日，一头鲸鱼遭遇网络钓鱼攻击，导致 4,064 个比特币被盗，事件发生时价值约 2.38 亿美元。被盗资金迅速在各种平台上转移，包括 THORChain、KuCoin 和 Railgun，使得追回工作几乎不可能。

This massive breach accounted for 76% of the total losses for the month, highlighting the persistent threat of phishing attacks in the crypto world.

此次大规模泄密事件占当月总损失的 76%，凸显了加密世界中网络钓鱼攻击的持续威胁。

Dai Stablecoin Theft: A Multi-Million Dollar Scam

Dai 稳定币失窃：价值数百万美元的骗局

Another notable incident involved the theft of $55.4 million in Dai stablecoins through a phishing attack. The stolen 1,400 ETH were initially held in the Maker DeFi protocol before being exchanged for Ethereum and subsequently embezzled. The swift and well-coordinated nature of this attack left little chance for asset recovery.

另一个值得注意的事件是通过网络钓鱼攻击盗窃价值 5540 万美元的 Dai 稳定币。被盗的 1,400 个 ETH 最初存放在 Maker DeFi 协议中，然后兑换成以太坊，随后被盗用。这次袭击行动迅速且协调良好，几乎没有追回资产的机会。

Ronin Network Hit Again: Ethical Hackers to the Rescue

Ronin Network 再次遭遇打击：道德黑客出手救援

On 6th August, the Ronin Network, which was previously compromised in 2022, experienced another cyber attack. However, this time, whitehat hackers used the Maximum Extractable Value (MEV) bug to work out to withdraw 4,000 ETH, which is $10 million.

8月6日，曾于2022年被攻破的Ronin Network再次遭遇网络攻击。然而，这一次，白帽黑客利用最大可提取价值（MEV）漏洞计算出提取了 4,000 ETH，即 1000 万美元。

Interestingly, the ethical hackers used the bug to return the funds used to conduct the hack to the Ronin developers, who paid a bounty in the amount of half a million dollars. This incident serves as a reminder of the valuable role that ethical hackers can play in enhancing the security of crypto platforms.

有趣的是，道德黑客利用该漏洞将用于进行黑客攻击的资金返还给 Ronin 开发者，后者支付了 50 万美元的赏金。这一事件提醒人们，道德黑客在增强加密货币平台的安全性方面可以发挥重要作用。

Unauthorized Transfer: $5.1 Million Stolen

未经授权转移：510 万美元被盗

Another noteworthy incident involved an unauthorized transfer, which resulted in a forgery loss of $5.1 million. While less severe than the other hacks, this incident adds to the growing need for improved security measures within the crypto industry.

另一个值得注意的事件涉及未经授权的转让，导致 510 万美元的伪造损失。虽然这一事件的严重性不如其他黑客事件，但这一事件增加了加密行业内对改进安全措施的日益增长的需求。

Nexera Exploit: Social Engineering Leads to $1. 83 Million Theft

Nexera 利用：社会工程导致 1 美元。 8300万盗窃案

Finally, Nexera suffered a $1. 83 million loss after falling prey to an elaborate social engineering scam. Through a reputation-phishing attack, the attackers managed to trick an employee of Nexera into downloading what they claimed was a job offer contract. However, upon downloading the file, they discovered that it was concealed malware, which ultimately stole their private keys.

最终，Nexera 遭遇了 1 美元的损失。陷入精心设计的社会工程骗局后损失 8300 万美元。通过声誉网络钓鱼攻击，攻击者成功诱骗 Nexera 的一名员工下载他们声称的工作邀请合同。然而，在下载该文件后，他们发现它是隐藏的恶意软件，最终窃取了他们的私钥。

This incident highlights the importance of employing advanced protection methods, such as multi-signature wallets, to safeguard valuable assets in the cryptocurrency domain.

这一事件凸显了采用多重签名钱包等先进保护方法来保护加密货币领域有价值资产的重要性。

These cases serve as a stark reminder of the urgent need for constant enhancement of security measures and awareness among cryptos’ users and related firms to avoid getting hacked. As the cryptocurrency industry continues to evolve, it remains to be seen whether we will witness an improvement in crypto security in the months ahead.

这些案例强烈提醒人们，迫切需要不断加强加密货币用户和相关公司的安全措施和意识，以避免遭到黑客攻击。随着加密货币行业的不断发展，未来几个月我们是否会见证加密货币安全性的改善还有待观察。