2024 年第一季度网络犯罪爆炸：巨大损失之后有望恢复

2024 年第一季度，网络犯罪分子以知名个人和项目为目标，导致超过 8.24 亿美元被盗。访问控制违规最为普遍，占损失的 83%。尽管造成了重大的财务影响，但仍追回或冻结了约 4.44 亿美元，这凸显了行业对安全事件的响应能力的提高。

Cybercrime Surge: Q1 2024 Witnesses Unprecedented Wave of Hacking Attacks, Resulting in Massive Losses but Promising Recoveries

网络犯罪激增：2024 年第一季度出现前所未有的黑客攻击浪潮，造成巨大损失，但有望恢复

The first quarter of 2024 has been marked by an alarming surge in hacking activity, with cybercriminals targeting high-profile individuals and projects, leading to staggering financial losses. According to a comprehensive report shared by Hacken with CryptoPotato, hackers siphoned away $824 million across 67 reported breaches, highlighting the evolving tactics and sophistication of malicious actors in the digital realm.

2024 年第一季度，黑客活动激增，网络犯罪分子以知名个人和项目为目标，造成了惊人的经济损失。根据 Hacken 与 CryptoPotato 分享的一份综合报告，黑客在 67 起报告的违规事件中窃取了 8.24 亿美元，这突显了数字领域恶意行为者不断变化的策略和复杂性。

Access Control Breaches: The Primary Culprit

访问控制违规：罪魁祸首

Access control emerged as the most prevalent category of hacks during Q1 2024, accounting for a staggering 83% of the total funds stolen, amounting to $682 million. This vulnerability was exploited in 26 separate incidents, granting unauthorized access to critical system components, allowing hackers to wreak havoc and pilfer funds.

访问控制成为 2024 年第一季度最流行的黑客攻击类别，占被盗资金总额的 83%，金额高达 6.82 亿美元，令人震惊。该漏洞已在 26 起独立事件中被利用，允许对关键系统组件进行未经授权的访问，从而使黑客能够造成严重破坏并窃取资金。

Four major breaches alone accounted for 66% of the total losses. The most notable was the $290 million breach at Playdapp, a prominent gaming platform. Other high-profile incidents included the $112 million hack of Ripple co-founder Chris Larsen's wallet, the $80 million compromise of the Orbit chain bridge, and the $63 million exploit of Munchables, a Web3 gaming protocol on Blast.

仅四次重大违规事件就占总损失的66%。最引人注目的是著名游戏平台 Playdapp 的 2.9 亿美元违规事件。其他备受瞩目的事件包括 Ripple 联合创始人 Chris Larsen 钱包被盗价值 1.12 亿美元、Orbit 链桥损失 8000 万美元，以及 Blast 上的 Web3 游戏协议 Munchables 价值 6300 万美元的漏洞。

Token Projects and High-Profile Individuals Targeted

代币项目和知名人士成为目标

Token projects were another favorite target of hackers, with 19 reported incidents, followed by other projects (10 incidents) and lending protocols (9 incidents). Gaming platforms, led by Playdapp's substantial losses, suffered the most significant financial hits, while Munchables also bore the brunt of hacking activity.

代币项目是黑客最喜欢的另一个目标，报告了 19 起事件，其次是其他项目（10 起事件）和借贷协议（9 起事件）。以 Playdapp 巨额亏损为首的游戏平台遭受的财务打击最为严重，而 Munchables 也首当其冲受到黑客活动的影响。

Notable individuals, DAOs, token platforms, bridges, and CeFi platforms all experienced breached wallets, constituting the second-largest category of losses. Such incidents included breaches involving influential figures like Chris Larsen, Jeffrey Zirlin, and AirDAO, demonstrating the wide-reaching impact of these attacks.

知名人士、DAO、代币平台、网桥和 CeFi 平台都经历过钱包被泄露的情况，构成第二大损失类别。此类事件包括涉及 Chris Larsen、Jeffrey Zirlin 和 AirDAO 等有影响力人物的违规行为，这表明这些攻击的影响广泛。

Glimmers of Hope: Recovery Efforts Yield Positive Results

希望的曙光：恢复努力取得积极成果

Despite the staggering losses incurred during the first quarter, Hacken's report offers a glimmer of hope. Approximately $444 million was successfully recovered or frozen from various hacks and exploits, representing 54% of the total amount stolen. This remarkable recovery effort signals a substantial advancement in the industry's responsiveness and resilience to such incidents.

尽管第一季度出现了惊人的亏损，哈肯的报告还是带来了一线希望。大约 4.44 亿美元因各种黑客攻击和漏洞被成功追回或冻结，占被盗总金额的 54%。这一出色的恢复工作标志着该行业对此类事件的响应能力和恢复能力取得了重大进步。

Various measures contributed to these successful recoveries. Hackers returned funds in exchange for bounties, as witnessed in the Seneca Protocol hack and the Dolomite case. White hat hackers played a crucial role, with individuals like @coffeebabe_eth actively disrupting hacks and returning stolen funds, as evidenced in the Blueberry protocol breach.

各种措施促成了这些成功的复苏。正如塞内卡协议黑客事件和白云石事件中所见证的那样，黑客返还资金以换取赏金。白帽黑客发挥了至关重要的作用，@coffeebabe_eth 等个人积极破坏黑客行为并返还被盗资金，蓝莓协议违规事件就证明了这一点。

The proactive steps taken by project teams and ethical hackers significantly minimized further disruptions and aided in the recovery of stolen funds. While the total amount hacked remains substantial, the ability to recover more than half of the stolen funds represents a significant positive development for industry security and resilience.

项目团队和道德黑客采取的积极主动措施极大地减少了进一步的干扰，并有助于追回被盗资金。虽然被黑客攻击的总金额仍然很大，但能够追回一半以上被盗资金代表了行业安全和弹性的重大积极进展。

Expert Insight: Vectors of Attack and Industry Dynamics

专家见解：攻击向量和行业动态

In an exclusive interview with CryptoPotato, Edgar Pavlovski, Hacken's Senior Blockchain Researcher, provided valuable insights into the current threat landscape and industry trends.

在接受 CryptoPotato 独家采访时，Hacken 的高级区块链研究员 Edgar Pavlovski 提供了有关当前威胁形势和行业趋势的宝贵见解。

"The beginning of this year has shown that losing control of one's private key continues to be the largest vector of attack, accounting for 83% of all funds lost," noted Pavlovski. "However, on a positive note, more than half of all stolen funds were either returned or frozen. This represents significant progress compared to previous years, and we anticipate this trend to continue improving over time."

Pavlovski 指出：“今年年初的情况表明，失去私钥控制仍然是最大的攻击媒介，占所有资金损失的 83%。” “然而，从积极的方面来看，超过一半的被盗资金要么被退回，要么被冻结。与前几年相比，这代表了重大进步，我们预计这种趋势将随着时间的推移而继续改善。”

Conclusion: A Call for Vigilance and Collective Action

结论：呼吁保持警惕并采取集体行动

The alarming surge in hacking activity during Q1 2024 serves as a wake-up call for the entire industry. Hackers continue to refine their tactics and target high-value individuals and projects, necessitating heightened vigilance and robust security measures.

2024 年第一季度黑客活动的惊人激增给整个行业敲响了警钟。黑客不断完善其策略并针对高价值个人和项目，因此需要提高警惕并采取强有力的安全措施。

The encouraging progress in recovery efforts demonstrates the growing maturity of the industry and the collaborative efforts of law enforcement, security experts, and ethical hackers. However, it is essential to acknowledge that the battle against cybercrime is an ongoing one, requiring continuous investments in security infrastructure, education, and collective action.

恢复工作取得的令人鼓舞的进展表明该行业日益成熟以及执法部门、安全专家和道德黑客的共同努力。然而，必须承认，打击网络犯罪的斗争是一场持续的斗争，需要对安全基础设施、教育和集体行动进行持续投资。

As the digital landscape evolves, so too must our vigilance and collaboration to combat the ever-present threat of malicious actors. By working together, we can strengthen the industry's defenses and ensure the integrity and security of our digital assets.

随着数字环境的发展，我们也必须保持警惕并进行协作，以应对始终存在的恶意行为者的威胁。通过共同努力，我们可以加强行业的防御并确保我们数字资产的完整性和安全性。