Solana 钱包耗尽攻击：BONKbot 和 Solareum 正在接受调查

针对 Solana 的一系列钱包耗尽攻击可能与 Telegram 交易机器人有关，尤其是 BONKbot。 BONKbot 否认参与其中，并表示精疲力竭的用户之前已导出其私钥并在其他地方使用。虽然 BONKbot 声称有 113 名受害者使用了它的机器人，但所有人都导出了他们的密钥。竞争机器人 Solareum 承认他们参与的可能性，但声称他们也是受害者。分析表明，最大的单一受害者损失了价值超过 93,000 美元的 SOL。

Solana Wallet Drainer Attacks: BONKbot and Solareum Under Scrutiny

Solana 钱包流失攻击：BONKbot 和 Solareum 受到密切关注

A relentless barrage of wallet drainer attacks targeting Solana wallets has plagued the cryptocurrency community over the last 24 hours, leaving many users bewildered and seeking answers. The finger of suspicion has been pointed at BONKbot, a popular Telegram trading bot associated with the Solana meme coin BONK.

过去 24 小时内，针对 Solana 钱包的持续不断的钱包耗尽攻击困扰着加密货币社区，让许多用户感到困惑并寻求答案。怀疑的矛头指向 BONKbot，这是一种与 Solana 迷因币 BONK 相关的流行 Telegram 交易机器人。

BONKbot Denies Involvement

BONKbot 否认参与

In a swift response to the accusations, the BONKbot team has vehemently denied any involvement in the exploit. They have asserted that users who have fallen victim to the attacks had previously exported their private keys and utilized them in other applications.

BONKbot 团队对这些指控做出了迅速回应，强烈否认参与了该漏洞利用活动。他们声称，遭受攻击的用户此前已导出其私钥并在其他应用程序中使用它们。

"BONKbot is SAFE—but there are exploits being triggered elsewhere in the ecosystem!" the team declared on Twitter. "Our logs show that every user account being drained has previously exported their private keys. There are also non-BONKbot wallets being drained. BONKbot users who did not export their keys are SAFE."

“BONKbot 是安全的，但生态系统中的其他地方会触发漏洞！”该团队在推特上宣布。 “我们的日志显示，每个被耗尽的用户帐户之前都导出过私钥。还有非 BONKbot 钱包被耗尽。未导出密钥的 BONKbot 用户是安全的。”

BONKbot's Analysis and Victim Count

BONKbot 的分析和受害者人数

BONKbot's investigation has revealed a total of 302 victims of the wallet drainer, with an estimated 2,808 SOL stolen, amounting to approximately $523,000 at current prices. Out of this cohort, 113 individuals had previously used BONKbot, but all had exported their private keys for external use.

BONKbot 的调查显示，共有 302 名钱包盗贼受害者，估计有 2,808 SOL 被盗，按当前价格计算，价值约为 523,000 美元。在该队列中，有 113 人之前使用过 BONKbot，但所有人都已导出其私钥以供外部使用。

"Our analysis strongly suggests the exploit occurred from those victims importing PKs into a specific application," BONKbot tweeted. However, the team declined to disclose the identity of the alleged application.

BONKbot 在推特上写道：“我们的分析强烈表明，该漏洞是由那些将 PK 导入特定应用程序的受害者造成的。”然而，该团队拒绝透露所指控的应用程序的身份。

Solareum's Potential Involvement

Solarium 的潜在参与

Amidst the ongoing speculation, another Telegram trading bot, Solareum, has emerged as a potential suspect in the private key leak. In a response to a Twitter user's query, the Solareum team admitted the possibility of an exploit, but they also emphasized that they were also victims.

在持续的猜测中，另一个 Telegram 交易机器人 Solareum 已成为私钥泄露的潜在嫌疑人。在回复 Twitter 用户的询问时，Solareum 团队承认存在漏洞利用的可能性，但他们也强调他们也是受害者。

"Until we can confirm that we are actually exploited, then we will publicly announce it. Otherwise, it's just a possible scenario," they wrote. "There are also other wallets exploited that's never generated wallets through our bot or imported their PKs into our bot."

“在我们确认我们确实被利用之前，我们将公开宣布。否则，这只是一种可能的情况，”他们写道。 “还有其他被利用的钱包从未通过我们的机器人生成钱包或将其 PK 导入到我们的机器人中。”

Ongoing Investigation and Community Response

正在进行的调查和社区反应

Decrypt has reached out to Solareum for further comment, but a response is yet to be received. The Solana community remains on high alert, monitoring the situation closely and seeking concrete answers to the ongoing attacks.

Decrypt 已联系 Solareum 寻求进一步评论，但尚未收到回复。 Solana 社区保持高度戒备，密切关注局势并寻求针对持续攻击的具体答案。

Industry Experts Weigh In

行业专家参与讨论

Blockchain security experts have expressed concern over the recent Solana exploits, highlighting the importance of adhering to best practices in safeguarding private keys and avoiding interactions with potentially malicious applications.

区块链安全专家对最近的 Solana 漏洞表示担忧，强调遵守保护私钥的最佳实践并避免与潜在恶意应用程序交互的重要性。

"It's crucial to exercise extreme caution when dealing with your cryptocurrency assets," said Dr. Emily Carter, a cybersecurity expert at Stanford University. "Private keys are the gateways to your funds, and they should never be shared with anyone or used in multiple applications."

斯坦福大学网络安全专家 Emily Carter 博士表示：“处理加密货币资产时要格外小心，这一点至关重要。” “私钥是您资金的门户，它们永远不应该与任何人共享或在多个应用程序中使用。”

Call for Transparency and Accountability

呼吁透明度和问责制

The Solana community has called for transparency and accountability from the teams behind BONKbot and Solareum. They demand a thorough investigation into the incidents and clear explanations of how the private key leak may have occurred.

Solana 社区呼吁 BONKbot 和 Solareum 背后的团队提高透明度和问责制。他们要求对事件进行彻底调查，并明确解释私钥泄露是如何发生的。

"We need to know what went wrong and who is responsible," said Anthony Rodriguez, a Solana developer. "The community deserves answers and assurances that such breaches will not happen again."

Solana 开发人员安东尼·罗德里格斯 (Anthony Rodriguez) 表示：“我们需要知道出了什么问题以及谁该负责。” “社区应该得到答案和保证，此类违规行为不会再次发生。”

Ongoing Monitoring and Community Support

持续监控和社区支持

The cryptocurrency community continues to monitor the situation closely, offering support and guidance to affected users. Various online forums and social media platforms have become hubs for information sharing and troubleshooting.

加密货币社区继续密切关注局势，为受影响的用户提供支持和指导。各种在线论坛和社交媒体平台已成为信息共享和故障排除的中心。

Decrypt encourages all Solana users to remain vigilant, practice responsible private key management, and report any suspicious activity to the relevant authorities.

Decrypt 鼓励所有 Solana 用户保持警惕，实行负责任的私钥管理，并向有关当局报告任何可疑活动。