朝鲜黑客执行历史上最大的加密货币抢劫，窃取了15亿美元

根据网络安全研究人员的说法，朝鲜黑客执行了历史上最大的加密货币抢劫，仅在两分钟内就窃取了15亿美元（12亿英镑）。

North Korean hackers executed the largest cryptocurrency heist in history, stealing $1.5 billion in two minutes, cybersecurity researchers have said.

网络安全研究人员说，朝鲜黑客执行了历史上最大的加密货币抢劫，两分钟内窃取了15亿美元。

The hackers had compromised a so-called cold wallet—a hardware-based storage system designed to keep cryptocurrency secure by remaining offline. These wallets, similar to encrypted USB drives, are usually considered highly secure.

黑客损害了一个所谓的冷钱包，这是一个基于硬件的存储系统，旨在通过离线剩余的脱机来确保加密货币安全。这些钱包类似于加密的USB驱动器，通常被认为是高度安全的。

But when cryptocurrency exchange Bybit attempted to transfer funds from its cold wallet to an online account, the attackers struck within seconds, exploiting the transaction window.

但是，当加密货币交换Bybit试图将资金从其冷钱包转移到在线帐户中时，攻击者在几秒钟内袭击了交易窗口。

Cybersecurity firms Sygnia and Verichains determined that the breach stemmed from a vulnerability in Safe Wallet, a technology used for secure transactions, after reconstructing the attack from digital records.

网络安全公司Sygnia和Verichains确定，在从数字记录中重建攻击后，违规源于安全钱包中的脆弱性，这是一种用于安全交易的技术。

Two days before the attack, North Korean hackers, believed to be part of the notorious Lazarus Group, had embedded malicious code into the online infrastructure of Safe Wallet, the system used to communicate with Bybit’s account upon activation.

袭击发生前两天，据信是臭名昭著的Lazarus集团的一部分的朝鲜黑客将恶意代码嵌入了安全钱包的在线基础设施中，该系统用于激活后与Bybit的帐户进行通信。

Safe Global, the company behind Safe Wallet, confirmed that the hackers had managed to “compromise the machine of a Safe Wallet developer,” attributing the breach to the group’s “sophisticated social engineering attacks.”

安全钱包背后的公司安全全球证实，黑客已经设法“妥协了安全钱包开发人员的机器”，这将违反行为归因于该组织的“复杂的社会工程攻击”。

The injected code was specifically designed to exploit Bybit’s wallet. It was designed to mimic the coded “signature” of three key accounts, including that of Bybit’s chief executive, enabling the attackers to bypass security checks.

注入的代码专门设计用于利用Bybit的钱包。它旨在模仿三个关键帐户的编码“签名”，包括拜比特的首席执行官，使攻击者能够绕过安全检查。

At 2:15 PM last Friday, when Bybit attempted to transfer funds, the hackers activated their backdoor function, swiftly draining 400,000 Ethereum coins from the exchange’s wallets.

上周五下午2:15，当Bybit试图转移资金时，黑客激活了他们的后门功能，从交易所的钱包中迅速耗尽了40万个以太坊硬币。

According to a report by Sygnia, “two minutes after the malicious transaction was executed and published,” the hackers had deleted their code and exited the system, even before Bybit detected the theft.

根据Sygnia的一份报告：“恶意交易被执行和发布两分钟，”黑客删除了他们的代码并退出了系统，甚至在Bybit检测到盗窃之前。

Following the heist, the North Korean group has been rapidly laundering the stolen funds through multiple cryptocurrency exchanges.

在抢劫之后，朝鲜集团通过多次加密货币交易所迅速迅速洗过被盗资金。

On Wednesday, the FBI officially attributed the heist to North Korea and identified the hacking group responsible as TraderTraitor.

周三，联邦调查局（FBI）正式将抢劫归因于朝鲜，并将负责的黑客组织确定为交易者。

The agency warned that the hackers are “moving quickly,” having already converted some of the stolen assets into Bitcoin and other cryptocurrencies and dispersing them across thousands of addresses on multiple blockchains.

该机构警告说，黑客正在“迅速移动”，已经将一些被盗资产转换为比特币和其他加密货币，并将其分散在数千个地址上。