黑客窃取 170 万美元后 XT Exchange 停止提款

总部位于塞舌尔的加密货币交易所 XT Exchange 已停止提款，该交易所日交易量超过 3.15 亿美元。

Seychelles-based crypto exchange XT Exchange has halted withdrawals after being attacked by hackers who stole $1.7 million, according to blockchain security firm PeckShield.

据区块链安全公司 PeckShield 称，总部位于塞舌尔的加密货币交易所 XT Exchange 在遭受黑客攻击并窃取 170 万美元后已停止提款。

The breach was first reported by PeckShield, who noted that unauthorized transactions originated from XT’s wallet structure.

PeckShield 最先报告了此次泄露事件，他指出未经授权的交易源自 XT 的钱包结构。

According to updates, the attacker quickly liquidated the stolen resources, sending 461.58 ETH to a wallet with the address “0xB43f.”

根据最新消息，攻击者很快清算了被盗资源，将 461.58 ETH 发送至地址为“0xB43f”的钱包。

The community vigilance was also instrumental since immediately blockchain enthusiasts pointed at potential issues.

社区的警惕也很有帮助，因为区块链爱好者立即指出了潜在的问题。

XT Exchange Reacts: Assurances Amid UncertaintyIn an effort to contain the situation, XT Exchange acknowledged the breach. They assured users that their funds weren’t compromised.

XT Exchange 的反应：不确定性中的保证为了控制局势，XT Exchange 承认了此次违规行为。他们向用户保证他们的资金没有受到损害。

The platform highlighted its reserve assets are 1.5 times higher than the users’ deposit to prove the company’s solvency to the attacks.

该平台强调其储备资产比用户存款高1.5倍，以证明该公司对攻击的偿付能力。

XT declared the plan to deploy the Merkle Tree Asset Proof System in December, 2024. This system seeks to increase transparency through an independent way in which the users will be able to confirm the stated reserves, a move that comes as the sector increases the calls for accountability.

XT 于 2024 年 12 月宣布计划部署 Merkle Tree 资产证明系统。该系统旨在通过独立的方式提高透明度，用户将能够确认规定的储备，此举是随着该行业呼吁增加而采取的为了问责。

Being one of the leading companies operating in the cryptocurrency market, spot trading volume daily at XT Exchange is over $3.15 billion.

作为加密货币市场的领先公司之一，XT Exchange 每日现货交易量超过 31.5 亿美元。

The issue is that XTs initial public statement demonstrates an organization level of preparedness, however the breach illustrates the current difficulties that centralized exchange faces when it comes down to protecting platforms from advanced attackers.

问题在于，XT 的首次公开声明表明了组织层面的准备工作，但此次违规事件说明了中心化交易所当前在保护平台免受高级攻击者攻击方面面临的困难。

This is a wake-up call for not only exchanges but users as well of the necessity of surveillance when dealing in the crypto space. I can appreciate the fact of XT reserves and the ‘upcoming’ proof-of-reserves system as evidence but it does little to help explain that a lot of money went into the hacker’s wallet.

这不仅给交易所敲响了警钟，也给用户敲响了警钟，让他们意识到在加密货币领域进行交易时进行监控的必要性。我可以欣赏 XT 储备金和“即将推出的”储备证明系统作为证据的事实，但这并不能帮助解释大量资金进入了黑客的钱包。

A Wake-Up Call for the IndustryHacks, rug pulls and frauds are not a rare phenomenon in the sphere of cryptocurrencies. According to a survey conducted by 5Money and Storible, found that American founders are associated with 43% scam crypto projects and 33% global dead projects.

给行业敲响了警钟黑客、诈骗和欺诈在加密货币领域并不罕见。根据 5Money 和 Storible 进行的一项调查，发现美国创始人与 43% 的诈骗加密项目和 33% 的全球死亡项目有关。

Radiant Capital was attacked in October 2024, losing $50 million. Hackers took over three of 11 multisig wallet keys by infiltrating malware into three of the smart contracts, siphoning funds from Binance BNB Chain and Arbitrum into Ethereum.

Radiant Capital于2024年10月遭到攻击，损失5000万美元。黑客通过将恶意软件渗透到其中三个智能合约中，窃取了 11 个多重签名钱包密钥中的三个，将币安 BNB 链和 Arbitrum 的资金转移到以太坊。

In September 2024, BingX lost $52M after attackers breached its hot wallets on Ethereum, Binance Smart Chain, and Avalanche. The stolen assets, including ETH and USDT, were laundered via decentralized exchanges. BingX assured users of compensation and tightened security.

2024 年 9 月，攻击者攻破了 BingX 在以太坊、币安智能链和 Avalanche 上的热钱包，导致 BingX 损失 5200 万美元。包括 ETH 和 USDT 在内的被盗资产是通过去中心化交易所进行洗钱的。 BingX向用户保证赔偿并加强安全性。

WazirX was hit by hackers that stole $230 million in July 2024 due to a vulnerability in the multisig wallet. Assets stolen include SHIB tokens, ETH, and MATIC. The exchange halted withdrawal access, committed to compensating users and cooperated with law enforcement to track the funds.

2024 年 7 月，由于多重签名钱包中的漏洞，WazirX 遭到黑客攻击，窃取了 2.3 亿美元。被盗资产包括SHIB代币、ETH和MATIC。该交易所停止了提款访问，承诺对用户进行赔偿，并配合执法部门追踪资金。