North Korean Hackers Linked to $62.5 Million Web3 Heist

2024/03/27 17:00

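Munchables, a Web3 project on the Blast network, was exploited, resulting in the loss of approximately $62.5 million in Ethereum. Investigations suggest that North Korean hackers may be responsible for the attack. Evidence indicates that Munchables hired a developer who carried out manual operations and who is linked to four other developers who may have been involved in the exploit. The aftermath of the attack sparked a dispute within the Blast community over the possibility of a blockchain rollback, while outflows from Blast increased and the protocol's TVL dipped slightly.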

North Korean Hackers Implicated in $62.5 Million Crypto Heist Targeting Web3 Project Munchables on Blast Network

March 27, 2023 (UTC) - A brazen cyberattack attributed to North Korean hackers has resulted in the theft of approximately $62.5 million in Ethereum (ETH) from Web3 project Munchables, a blockchain-based gaming platform operating on the Blast network.

Initial Attack and Damage Assessment

On March 26, Munchables disclosed the incident via an X (formerly Twitter) post, acknowledging the compromise and describing its efforts to track the hacker's movements and suspend fraudulent transactions. Blockchain analyst ZachXBT identified a wallet address suspected of belonging to the attacker, revealing a withdrawal of 17,413 ETH, valued at approximately $62.5 million at the time of the heist.

Laundering and Suspected Perpetrator

The stolen funds were skillfully laundered through the Orbiter Bridge, converting the Blast ETH back to standard Ethereum before distribution across multiple wallets. ZachXBT's investigation suggests the involvement of a North Korean developer known as "Werewolves0943," who was allegedly hired by the Munchables team.

Sophisticated Exploit Unveiled

However, a subsequent X post by Solidity developer 0xQuit presented a more intricate account of the exploit. Evidence pointed to a Munchables developer who implemented a contract upgrade shortly before launch, enabling the manipulation of storage slots to inflate the attacker's deposited ETH balance to a colossal 1 million units.

This manipulation bypassed safeguards designed to prevent withdrawals exceeding deposits. 0xQuit further alleges that the attacker manually assigned themselves this inflated balance before implementing a seemingly legitimate contract swap. The project's attractive TVL (total value locked) ultimately allowed the attacker to siphon off the manipulated balance.
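
The mechanism described above can be modelled to show why the withdrawal safeguard did not help and how a reconciliation audit would flag it. This is an added example, not code from the article, from 0xQuit, or from Munchables; the `Proxy` class, the account labels and all values are constructed for illustration, and it assumes the inflated balance was written without emitting a deposit event.

```python
from dataclasses import dataclass, field

ETH = 10**18  # wei per ETH

@dataclass
class Proxy:
    """Toy upgradeable contract: storage lives here and survives upgrades."""
    storage: dict = field(default_factory=dict)  # account -> balance in wei
    events: list = field(default_factory=list)   # (kind, subject, amount)
    impl: str = "v1"

    def upgrade(self, new_impl):
        # Only the code pointer changes; previously written slots are untouched.
        self.impl = new_impl
        self.events.append(("Upgraded", new_impl, 0))

    def deposit(self, account, amount):
        self.storage[account] = self.storage.get(account, 0) + amount
        self.events.append(("Deposit", account, amount))

    def withdraw(self, account, amount):
        # The safeguard: a withdrawal may not exceed the recorded balance.
        if amount > self.storage.get(account, 0):
            raise ValueError("insufficient balance")
        self.storage[account] -= amount
        self.events.append(("Withdraw", account, amount))

def unbacked_balances(proxy):
    """Return {account: excess_wei} where the stored balance exceeds the
    net deposits that can be reconstructed from the event log."""
    net = {}
    for kind, account, amount in proxy.events:
        if kind == "Deposit":
            net[account] = net.get(account, 0) + amount
        elif kind == "Withdraw":
            net[account] = net.get(account, 0) - amount
    return {a: bal - net.get(a, 0)
            for a, bal in proxy.storage.items() if bal > net.get(a, 0)}

def build_constructed_scenario():
    p = Proxy()
    # Constructed: slot written directly under the pre-launch implementation.
    p.storage["0xDEV"] = 1_000_000 * ETH
    p.upgrade("v2")               # swap to the clean-looking implementation
    p.deposit("0xUSER", 5 * ETH)  # an ordinary user deposit after launch
    return p
```

Running the same reconciliation against storage snapshots before and after every upgrade surfaces a balance that no deposit accounts for, which the balance check in `withdraw` cannot do on its own.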

Developer Connections and Prior Involvements

ZachXBT's further probe revealed a potential link between four developers hired by Munchables, who may have been involved in the exploit. These individuals allegedly recommended each other for employment, shared exchange deposit addresses for payments, and even funded each other's wallets, indicating the possibility of a single actor operating under multiple aliases.

North Korean hackers have a history of involvement in crypto-related attacks, lending further credence to the suspicions surrounding the Munchables heist.

Impact on Blast Network

The incident has divided the Blast community, with some X users urging the network's team to forcibly roll back the blockchain to a point prior to the exploit. However, this proposal has faced resistance from others who view such centralized intervention as undermining the principles of decentralized networks.

The attack has triggered a surge in outflows on Blast, accompanied by a slight dip in the protocol's TVL. The long-term impact on the network's stability remains uncertain.

Conclusion

The $62.5 million Munchables heist underscores the ongoing threat posed by sophisticated cybercriminals targeting Web3 projects. The alleged involvement of North Korean hackers raises concerns about state-level sponsorship of such nefarious activities, while the exploit itself highlights the need for robust security measures and transparent development practices. As the crypto industry continues to evolve, vigilance and collaboration remain paramount to safeguarding digital assets from malicious actors.
