惊魂一夜 Ledger Connect Kit安全事件分析

According to the news of the security situation awareness platform, a large number of decentralized applications were used. Due to the use of maliciously implanted libraries, users' assets were stolen, and hackers' profits exceeded $10,000. The security team analyzed the incident at the first time. The results are as follows: Yes, a library allowed users to connect their equipment to a third-party library. Vulnerability analysis of the link address. The reason for this incident was that a former employee was attacked by phishing without canceling his code access rights, and the attacker gained access to his account. Permission Then the malicious version released by the attacker, the affected version is and the attack process. As early as two months ago, the attacker released the malicious version and two malicious versions two months ago. By distributing malicious codes, the user's funds were transferred to the designated hacker wallet address. At present, the hacker's fund address has been marked as a link for users to monitor it in real time on the website. This attack involves many public chains, and hackers have transferred many users' assets waiting for the network to be obtained. According to the inquiry, the profit exceeds USD 10,000. At the time of publication, some of the stolen funds on the Ethereum were sent to the fishing address and the rest were kept in the attacker's address. Due to too many kinds of tokens, the following pictures only show some information. At present, all the stolen funds on the anti-money laundering analysis platform chain are kept in the attacker's address. This incident involves a large number of users on the public chain being stolen. Here, only the stolen situation on the Ethereum and the Internet is shown. Safety suggestions: This incident once again reflects the importance of supply chain security. Chain security is often ignored by developers and security teams, and hackers can implant malicious code through all links of the software supply chain to steal user information and digital assets and carry out large-scale attacks. Suggestions for preventing such security incidents are as follows: when selecting and using third-party software or components, you need to conduct security review and verification, understand the security standards and practices of third parties, and ensure that the software has not been tampered with or implanted with malicious code, and adopt safe development practices, such as using security coding standard code to review vulnerability scanning. Description and security testing to ensure that the software is always in a safe state during the development process, timely apply security updates and patches issued by software vendors to repair known vulnerabilities and defects, keep the software in the latest version, reduce the risk of being attacked, adopt multi-level security defense strategies, including network security, terminal security and data security, use intrusion detection systems, terminal security software and data encryption to improve the security of the entire software supply chain, establish monitoring and response mechanisms, and detect anomalies in time. Activities and potential supply chain attacks and take corresponding countermeasures, such as isolating the infected code base, timely repairing vulnerabilities and restoring data, etc., providing staff training and raising awareness so that they can identify social engineering attacks and supply chain attacks and take appropriate preventive measures, such as being wary of phishing emails and not downloading attachments at will. The employee rights of the development team need to be updated in time, and the handover code rights need to be transparent and clear. As a leading blockchain security company in many countries and places around the world, The district has set up a branch business covering the code security audit before the project goes online, the security risk monitoring, early warning and blocking of virtual currency, the recovery of stolen assets and safety compliance, etc. The one-stop blockchain security product service company is committed to the safe development of ecology, and has provided blockchain security technical services to many enterprises around the world, including audited smart contracts and public chain main network. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=62343