臭名昭著的 PancakeBunny 剥削者再次出现,通过 Tornado Cash 转移大量资金,事态发展令人惊讶。
The PancakeBunny exploiter, who has been largely inactive for the past years, has now moved 1,029 ETH (roughly $2.9 million) via Tornado Cash, a cryptocurrency blending platform. The transaction, which occurred on Sunday evening, saw the funds being moved from the wallet address 0xd0f225...756b, as highlighted by the security firm CertiK Alerts.
PancakeBunny 漏洞利用者过去几年基本不活跃,现在通过加密货币混合平台 Tornado Cash 转移了 1,029 ETH(约合 290 万美元)。正如安全公司 CertiK Alerts 所强调的那样,这笔交易发生在周日晚上,资金从钱包地址 0xd0f225...756b 转移。
This particular transaction is being closely monitored due to the exploiter's past involvement in a large-scale exploit on PancakeBunny in May 2021. The incident, which involved a flash loan attack, resulted in user losses of around $45 million. The perpetrator manipulated the price of BUNNY tokens using a substantial amount of assets from PancakeSwap, before selling the tokens at a price of nearly zero, ultimately leading to massive losses.
由于攻击者曾于 2021 年 5 月参与过针对 PancakeBunny 的大规模攻击,因此该特定交易正在受到密切监控。该事件涉及闪贷攻击,导致用户损失约 4500 万美元。犯罪者利用 PancakeSwap 的大量资产操纵 BUNNY 代币的价格,然后以接近零的价格出售代币,最终导致巨额损失。
While a significant portion of the stolen funds have been moved, the exploiter still holds about $11.4 million in DAI at the wallet address 0x820C. These activities highlight the ongoing challenges faced by security professionals and regulators in locating and recovering lost cryptocurrency.
虽然大部分被盗资金已被转移,但攻击者仍在钱包地址 0x820C 处持有约 1140 万美元的 DAI。这些活动凸显了安全专业人员和监管机构在定位和恢复丢失的加密货币方面所面临的持续挑战。
In this case, Tornado Cash plays a dual role. While it offers privacy protection for legitimate users, it is also a preferred platform for cybercriminals to conceal stolen funds. The PancakeBunny exploit serves as a stark reminder of the complexities involved in striking a delicate balance between privacy and security in the crypto space.
在这种情况下,龙卷风现金扮演着双重角色。虽然它为合法用户提供隐私保护,但它也是网络犯罪分子隐藏被盗资金的首选平台。 PancakeBunny 漏洞清楚地提醒我们,在加密货币领域的隐私和安全之间取得微妙的平衡是非常复杂的。
