Harmony更新被盗事件调查结果:系钓鱼攻击,约64,000个钱包受到影响_虚拟币交易所平台,数字货币,NFT
BlockBeats 消息,8 月 6 日,Harmony 近期发文公布跨链桥被盗近亿美元事件详情,表示这是针对其内部基础设施的协同攻击与钓鱼攻击,大约 64,000 个钱包受到影响。迄今为止,没有证据表明跨链桥智能合约或区块链协议受到损害。具体而言,解密跨链桥密钥需要在一组安全的服务器中进行多项操作,以便在具有特权访问(授权角色)的服务器上即时生成密钥。 Harmony 认为攻击者 1) 采用网络钓鱼方案诱骗至少一名软件开发人员在其笔记本电脑上安装恶意软件,2) 使攻击者能够阅读聊天线程以了解如何操作跨链桥,和/或获得对非公共跨链桥基础设施代码的访问权,以及 3) 获得对一台或多台服务器的后门访问权,以执行黑客攻击。肇事者成功地做到了这三件事。 BlockBeats 此前报道,6 月 24 日,Harmony 公告表示,其开发的以太坊与间的资产跨链桥 Horizon 遭到攻击,损失金额约为 1 亿美元,目前团队已与相关部门以及专家合作追查攻击者。此外,Harmony 称其跨链桥并未受到影响,且目前已通知交易平台暂停了 Horizon 跨链桥的使用。
: update of the current location The investigation result of the stolen incident is a phishing attack. About wallets are affected. The investigation result of the stolen incident is a phishing attack. About wallets are affected. Block rhythm is the source of blockchain network news. Recently, the details of the incident of stealing nearly 100 million US dollars from the cross-link bridge were published. It shows that this is a coordinated attack and phishing attack against its internal infrastructure. Up to now, there is no evidence that the smart contract or blockchain protocol of the cross-link bridge is damaged. Specifically, the cross-link bridge is decrypted. Bridge keys need to be operated in a group of secure servers in order to instantly generate keys on servers with privileged access authorization roles. It is believed that attackers use phishing schemes to trick at least one software developer into installing malicious software on their laptops, so that attackers can read chat threads to learn how to operate the cross-bridge and/or gain access to non-public cross-bridge infrastructure codes and gain back door access to one or more servers to execute hackers. The perpetrators of the attack succeeded in these three things. It was previously reported that the announcement on March said that the asset overpass bridge between the Ethereum and the company was attacked, and the loss was about US$ 100 million. At present, the team has cooperated with relevant departments and experts to trace the attackers. In addition, it is said that its overpass bridge has not been affected and the trading platform has been notified to suspend the use of the overpass bridge. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。