新的诈骗令牌绕过流行交易数据网站的过滤器

加密安全研究人员对一种新型模因币发出警报，这种模因币能够绕过监控诈骗的流行交易数据网站上的诈骗过滤器。

A new scam crypto memecoin has been discovered that is able to bypass scam filters on popular trading data sites.

人们发现了一种新的骗局加密模因币，它能够绕过流行交易数据网站上的骗局过滤器。

The token, which trades under the ticker REPUBLICAN, has a piece of code that lets its programmer withdraw tokens straight out of any crypto wallet holding them.

该代币的交易代码为 REPUBLICAN，有一段代码可以让程序员直接从任何持有代币的加密钱包中提取代币。

When traders swap Ether for REPUBLICAN on decentralised exchanges, the tokens they just bought are transferred away.

当交易者在去中心化交易所将以太币换成 REPUBLICAN 时，他们刚刚购买的代币就会被转移出去。

The code also gives its creator a nearly infinite balance of the token.

该代码还为其创建者提供了近乎无限的代币余额。

The malicious memecoin was first spotted by an X user called yourfriend_btc on Wednesday before being shared by other accounts.

周三，一位名为 yourfriend_btc 的 X 用户首先发现了恶意 memecoin，然后被其他帐户共享。

It’s not clear how much the scammer has profited. According to Dex Screener, a popular trading data site, traders have bought and sold over $408,000 worth of the memecoin.

目前尚不清楚骗子获利了多少。根据热门交易数据网站 Dex Screener 的数据，交易者已经买卖了价值超过 408,000 美元的 memecoin。

However, because the fraud is easy to replicate and difficult to spot, it may only be a matter of time before similar scam tokens claim more victims.

然而，由于欺诈行为很容易复制且难以发现，因此类似的诈骗代币吸引更多受害者可能只是时间问题。

Backdoors are obscured

后门被遮挡

Usually, newly launched memecoins that contain malicious code aren’t an issue for experienced crypto traders.

通常，对于经验丰富的加密货币交易者来说，新推出的包含恶意代码的模因币并不是问题。

Security tools can automatically scan the code of new tokens to check for traps.

安全工具可以自动扫描新令牌的代码以检查是否存在陷阱。

But three such tools on Dex Screener showed no issues with the REPUBLICAN token. However, Dex Screener cautions that such audits may not be 100% accurate.

但 Dex Screener 上的三个此类工具显示 REPUBLICAN 代币没有任何问题。然而，Dex Screener 警告称，此类审核可能并非 100% 准确。

“The industry has recently gotten better at quickly detecting these types of exploits using real-time monitoring solutions,” Lewellen told DL News. “Knowing this, scammers are now resorting to obscuring backdoors.”

Lewellen 告诉 DL News：“业界最近在使用实时监控解决方案快速检测此类漏洞方面做得越来越好。” “知道这一点后，诈骗者现在开始诉诸隐藏后门。”

To avoid detection, the person who programmed the REPUBLICAN token wrote extra snippets of malicious code in assembly language — a programming language that is used to communicate more closely with underlying machine code.

为了避免检测，编写 REPUBLICAN 代币的人用汇编语言（一种用于与底层机器代码更密切地通信的编程语言）编写了额外的恶意代码片段。

According to Lewellen, assembly language code is harder to interpret, making it more difficult to detect if it contains malicious properties.

根据 Lewellen 的说法，汇编语言代码更难解释，因此更难以检测它是否包含恶意属性。

In the past, malicious tokens have cost traders dearly.

过去，恶意代币让交易者付出了高昂的代价。

In 2021, a scam token named after the Netflix show “Squid Game” stole $2.5 million from traders. The token contained code that prevented buyers from selling it so it could only increase in value.

2021 年，一种以 Netflix 节目《Squid Game》命名的诈骗代币从交易者那里窃取了 250 万美元。该代币包含阻止买家出售它的代码，因此它的价值只会增加。

Today, so-called honeypot tokens are less of an issue because security tools on sites like Dex Screener make them easy to spot.

如今，所谓的蜜罐令牌不再是一个问题，因为 Dex Screener 等网站上的安全工具使它们很容易被发现。

According to Lewellen, monitoring solutions should be in place before too long to identify the assembly language obfuscation technique.

Lewellen 认为，监控解决方案应该很快就到位，以识别汇编语言混淆技术。

But he warned that scammers will get to work finding other, more creative ways to hide their intent.

但他警告说，诈骗者将开始寻找其他更有创意的方法来隐藏他们的意图。

Reach out with tips at tim@dlnews.com to Tim Craig, DL News’ Edinburgh-based DeFi Correspondent.

请通过 tim@dlnews.com 联系 DL News 驻爱丁堡 DeFi 通讯员 Tim Craig，获取建议。