Radiant Capital discloses post-mortem of Oct. 16 attack that saw over $50 million in digital assets stolen from the BNB Chain and Arbitrum networks
DeFi platform Radiant Capital has disclosed a post-mortem for the Oct. 16 attack that saw over $50 million in digital assets stolen from the BNB Chain and Arbitrum networks. According to Radiant, the attacker compromised the devices of three of its long-standing developers.
Hackers were able to compromise the devices through a “sophisticated malware injection” used to sign malicious transactions.
“The devices were compromised in such a way that the front-end of Safe{Wallet} (f.k.a. Gnosis Safe) displayed legitimate transaction data while malicious transactions were signed and executed in the background,” the Radiant team explained in a blog post.
Radiant Capital is a decentralized finance (DeFi) platform that allows users to earn interest and borrow assets across multiple blockchain networks. It operates like an “omnichain money market,” enabling cross-chain transactions on lending markets in different networks, such as Ethereum, BNB and Arbitrum.
The attack
According to the company, the breach occurred during a routine multisignature emissions adjustment, a process that takes place “periodically to adapt to market conditions and utilization rates.”
Multisignature is the dominant means of securing Web3 protocols; it requires multiple signatures to authorize a transaction.
Once the transactions were approved, the compromised devices intercepted these approvals and replaced them with a malicious transaction, which was then forwarded to the hardware wallets for signature. As soon as the Safe Wallet detected an issue, it displayed an error message, prompting the users to attempt the signature again.
This type of failure can arise from a number of factors, such as gas price fluctuations, nonce mismatch, network congestion, and insufficient gas limit, among others.
“As a result, this behavior did not raise immediate suspicion,” said the team. This process ultimately allowed the attackers to gather three valid signatures.
Losses across various attack types in 2024. Source: Hacken
As per Radiant, the signed transactions still appeared legitimate within the user interface, making the attack difficult to detect. The breach was also undetectable during the manual review of the Gnosis Safe UI and Tenderly simulation stages of the routine transaction.
“This has been confirmed by external security teams, including SEAL911 and Hypernative,” noted the post-mortem.
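The attack above relied on the hardware wallets signing a different transaction from the one the Safe{Wallet} front end displayed. One defensive check a signer can make is to recompute the Safe transaction hash on an independent machine from the parameters they intend to approve and compare it with the hash the hardware wallet shows before confirming. The following is an added example, not code from Radiant or Safe; it assumes the Safe v1.3.0+ EIP-712 layout (a domain of chainId and verifyingContract plus the SafeTx struct), and every address, chain id and calldata value used with it is constructed.

```python
# Added example: pure-Python Keccak-256 (no dependencies) plus the Safe EIP-712 hashing,
# so the digest a hardware wallet is asked to sign can be reproduced and compared offline.
RC = [0x1, 0x8082, 0x800000000000808A, 0x8000000080008000, 0x808B, 0x80000001, 0x8000000080008081,
      0x8000000000008009, 0x8A, 0x88, 0x80008009, 0x8000000A, 0x8000808B, 0x800000000000008B,
      0x8000000000008089, 0x8000000000008003, 0x8000000000008002, 0x8000000000000080, 0x800A,
      0x800000008000000A, 0x8000000080008081, 0x8000000000008080, 0x80000001, 0x8000000080008008]
ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
       [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]  # Keccak rotation offsets r[x][y]

def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & ((1 << 64) - 1)

def _keccak_f(A):  # Keccak-f[1600]; A is a 5x5 matrix of 64-bit lanes, A[x][y]
    for rc in RC:
        C = [A[x][0] ^ A[x][1] ^ A[x][2] ^ A[x][3] ^ A[x][4] for x in range(5)]
        D = [C[(x - 1) % 5] ^ _rol(C[(x + 1) % 5], 1) for x in range(5)]
        B = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):  # theta, rho and pi steps
                B[y][(2 * x + 3 * y) % 5] = _rol(A[x][y] ^ D[x], ROT[x][y])
        A = [[B[x][y] ^ (~B[(x + 1) % 5][y] & B[(x + 2) % 5][y]) for y in range(5)]
             for x in range(5)]  # chi
        A[0][0] ^= rc  # iota
    return A

def keccak256(data: bytes) -> bytes:
    rate = 136  # Ethereum's Keccak-256 uses pad10*1 (0x01 ... 0x80), not SHA3's 0x06
    padded = data + b"\x01" + b"\x00" * ((rate - 1 - len(data) % rate) % rate)
    padded = padded[:-1] + bytes([padded[-1] | 0x80])
    A = [[0] * 5 for _ in range(5)]
    for off in range(0, len(padded), rate):
        for i in range(rate // 8):
            A[i % 5][i // 5] ^= int.from_bytes(padded[off + 8 * i:off + 8 * i + 8], "little")
        A = _keccak_f(A)
    return b"".join(A[i % 5][i // 5].to_bytes(8, "little") for i in range(4))

def _word(v) -> bytes:  # one ABI word: ints big-endian, addresses/hashes left-padded
    return v.rjust(32, b"\0") if isinstance(v, bytes) else v.to_bytes(32, "big")

DOMAIN_TYPEHASH = keccak256(b"EIP712Domain(uint256 chainId,address verifyingContract)")
SAFE_TX_TYPEHASH = keccak256(b"SafeTx(address to,uint256 value,bytes data,uint8 operation,"
                             b"uint256 safeTxGas,uint256 baseGas,uint256 gasPrice,"
                             b"address gasToken,address refundReceiver,uint256 nonce)")

def safe_tx_hash(chain_id, safe, to, value, data, operation, nonce, safe_tx_gas=0,
                 base_gas=0, gas_price=0, gas_token=b"", refund_receiver=b""):
    domain = keccak256(DOMAIN_TYPEHASH + _word(chain_id) + _word(safe))
    fields = (to, value, keccak256(data), operation, safe_tx_gas, base_gas, gas_price,
              gas_token, refund_receiver, nonce)
    struct = keccak256(SAFE_TX_TYPEHASH + b"".join(_word(f) for f in fields))
    return keccak256(b"\x19\x01" + domain + struct)  # the digest the hardware wallet signs

def matches_device(displayed_hex: str, **intended) -> bool:  # compare before confirming
    return bytes.fromhex(displayed_hex.removeprefix("0x")) == safe_tx_hash(**intended)
```

A mismatch between the recomputed digest and the one on the device screen means the signing request does not correspond to the transaction the front end displayed, which is exactly the substitution the post-mortem describes.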
Along with draining assets worth $50 million, the hackers exploited open approvals to withdraw funds from users’ accounts. Other Radiant core developers may also have had their devices compromised. The protocol has requested users to revoke approvals on all chains to mitigate further incidents.
According to a report by cybersecurity firm Hacken, access control exploits were responsible for $316 million in lost funds during the third quarter. This accounts for nearly 70% of all crypto funds stolen during the quarter.