Penpie DeFi 协议被利用，遭受黑客攻击损失 2700 万美元

基于 Pendle 收益平台构建的去中心化金融（DeFi）协议 Penpie 于周三被利用，导致约 2700 万美元的加密资产损失

A DeFi protocol built on the Pendle yield platform, Penpie, was exploited on Wednesday, leading to a loss of about $27 million in crypto assets, blockchain data showed.

区块链数据显示，周三，基于 Pendle 收益平台 Penpie 构建的 DeFi 协议遭到利用，导致加密资产损失约 2700 万美元。

The attacker stole various tokens, including staked Ethereum (ETH), Ethena’s sUSDE, and wrapped USDC. The funds were later converted to ETH using the Li.Fi protocol and moved to a new address.

攻击者窃取了各种代币，包括质押的以太坊（ETH）、Ethena 的 sUSDE 以及包装后的 USDC。这些资金随后使用 Li.Fi 协议转换为 ETH，并转移到新地址。

Blockchain security firm Cyvers reported the incident, detecting suspicious activity involving Penpie’s contract. Based on the report, the address funded by a crypto mixing service has executed a malicious transaction and got around $27 million worth of digital assets.

区块链安全公司 Cyvers 报告了这一事件，检测到涉及 Penpie 合约的可疑活动。根据该报告，由加密货币混合服务资助的地址执行了恶意交易，并获得了价值约 2700 万美元的数字资产。

According to Etherscan data, the exploiter’s address initially received 10 ETH, valued at approximately $25,000, via Tornado Cash just hours before the exploit. This transaction helped conceal the attacker's identity.

根据 Etherscan 数据，在利用前几个小时，利用者的地址最初通过 Tornado Cash 收到了 10 ETH，价值约 25,000 美元。此交易有助于隐藏攻击者的身份。

In a statement, Pendle confirmed a breach in Penpie’s system but reassured its users that their funds on Pendle remained safe. However, the company stated that it had paused all contracts as a safety measure and was working closely with the Penpie team to assess the damage.

Pendle 在一份声明中证实了 Penpie 系统存在漏洞，但向用户保证他们在 Pendle 上的资金仍然安全。不过，该公司表示，作为安全措施，它已暂停所有合同，并正在与 Penpie 团队密切合作来评估损失。

“Pendle has confirmed that its funds are secure after an investigation. However, a security issue has been found in Penpiexyz, a separate protocol built on Pendle. To address this, all contracts have been paused temporarily, and Pendle is working closely with the Penpie team to resolve the issue quickly!” Cyvers added shortly.

“经过调查，Pendle 确认其资金是安全的。然而，在 Penpiexyz（基于 Pendle 构建的独立协议）中发现了安全问题。为了解决这个问题，所有合约都已暂时暂停，Pendle 正在与 Penpie 团队密切合作，以尽快解决问题！”赛弗斯很快补充道。

The attack caused Penpie’s native token (PNP) to drop by 40%, BeInCrypto data showed. Pendle’s token (PENDLE) also experienced an 8% loss, exceeding the losses observed in the broader crypto market.

BeInCrypto 数据显示，此次攻击导致 Penpie 的原生代币 (PNP) 下跌 40%。 Pendle 的代币（PENDLE）也经历了 8% 的损失，超过了更广泛的加密货币市场中观察到的损失。

The Penpie exploit is part of a broader trend of increasing crypto hacks in 2024. A recent report by Immunefi stated that hackers have stolen over $1.2 billion across 154 incidents this year, highlighting the widespread vulnerabilities within DeFi protocols and other crypto platforms.

Penpie 漏洞是 2024 年加密货币黑客攻击增加的更广泛趋势的一部分。Immunefi 最近的一份报告指出，黑客今年在 154 起事件中窃取了超过 12 亿美元，凸显了 DeFi 协议和其他加密平台中广泛存在的漏洞。

In August 2024 alone, crypto hacks resulted in over $313 million in losses, according to security firm PeckShield. The two largest incidents that month involved the theft of $238 million in Bitcoin and $55 million in DAI.

据安全公司 PeckShield 称，仅 2024 年 8 月，加密货币黑客攻击就造成了超过 3.13 亿美元的损失。当月最大的两起事件涉及价值 2.38 亿美元的比特币和 5500 万美元的 DAI 被盗。

Phishing attacks have also seen a surge, with a report from Scam Sniffer showing a 215% increase in financial losses in August. While fewer attacks occurred compared to July, the amount of stolen funds increased significantly, with one phishing scheme netting $55 million.

网络钓鱼攻击也激增，Scam Sniffer 的一份报告显示 8 月份的经济损失增加了 215%。虽然与 7 月份相比发生的攻击有所减少，但被盗资金的金额却大幅增加，其中一项网络钓鱼计划共获利 5500 万美元。