Nyanzvi Yekuchengetedza Inoti iyo Bybit Hack Inogona kunge Iine Mukati

Iyo $ 1.4 bhiriyoni yekubira kweBybit kuchinjanisa kutinhira kwechisikigo. Chekutanga, huwandu hwekubiwa kwekrisptocurrency hunokatyamadza muhukuru. Chechipiri, masisitimu ekuchengetedza emapuratifomu makuru eCEX anoonekwa seakavimbika uye ane ruzivo, asi zvinoita sekunge handizvo.

Makambani ese ( Arkham ) uye nyanzvi dzega ( ZachXBT ) vari kutsvaga zviratidzo zvekufurira kwekunze uye nzira yemari yekuona kuti mari ichatungamira ani. Panguva ino, nyanzvi yekuchengeteka isingazivikanwe Dexaran , munyori we ERC-223 uye musoro we Ethereum Commonwealth , akatarisa zvakadzama mukurwisa kwacho uye pachena kuti nzira yekudzivirira yanga isiri yakasimba kudaro, uye kuti mumwe munhu ari mukati meBybit anogona kunge ari kubatanidzwa mukubira.

Multisig yakaratidza kuti haina kuvimbika.

Iyo yakawanda yakawanda yekuchinjana inoshandisa multisig zvikwama zvekuchengetedza midziyo. Muchokwadi, icho chakasarudzika chibvumirano chinogona kuitwa chete kana vanhu vane chekuita nemanejimendi vakatendera danho rakarongwa nemasaini avo. Zvibvumirano zvakangwara zvakadaro zvinogona kuva updatable , kureva kuva nebundle rekondirakiti yevamiriri inochengeta data uye kondirakiti yekumisikidza - pfungwa dzinofanirwa kuitwa.

Dexaran mune imwe yezvinyorwa zvake anopa kero ye proxy contract yeBybit inotonhora wallet yakarwiswa ichishandisa Gnosis Safe sechibvumirano chekushandisa, ichinyatso cherechedza kuti ichibvumirano chakaoma chemitsara ye1080. Zvingangove kuti timu yeBybit haina kumbobvira yashandisa mashandiro akazara eGnosis Safe. Zvingangodaro, kusarudzwa kwekontrakiti yakangwara yakawanda-siginicha yakapesvedzerwa nekugamuchirwa kwakapararira kweGnosis Safe. Zvichakadaro, kuomarara kunowanzo tungamira kune redundancy uye kusanzwisisa kwemaitiro ekodhi mumamiriro ezvinhu akaoma, munhu anogona kuyeuka mushandisi asina kururama. kudyidzana neGnosis Safe uye kurasikirwa kwemamiriyoni makumi maviri nemashanu emadhora.

Iyo Achilles 'chitsitsinho chemultisig yakashandiswa yakashanduka kuve masiginicha, kana kuti, sei uye nerubatsiro rupi rwavanogadzirwa. Sezvo Dexaran manotsi , masiginecha akaoma zvikuru uye haaverengeki nevanhu, izvo zvinoreva kuti kazhinji software inoshandiswa kuvagadzira, uye nzira yacho pachayo yakafanana kune vese vatori vechikamu, muongorori anoratidza.

Ndicho chikonzero nei dzimwe nhengo dzeboka reBybit dzisina kufungidzira chero chinhu, nokuti zvose zvakatarisa senguva dzose , uye havana kukwanisa kuverenga kuchinjwa kweBybit's hot wallet kune hacker's wallet nekuda kwekuoma kwesignature yakapiwa nehacker.

Hapana chikonzero chekusavimba nehunyanzvi hwaDexaran. Ane ruzivo rwakakura rwekuongorora zvibvumirano zvekuchenjera kubva pakaparadzaniswa Ethereum. Iye audited iyo multisig wallet yeEthereum Classic, yakagadzira ERC-223 chiyero uye smart contract yekukurukurirana modhi kugadzirisa ERC-20 dambudziko .

Sei mubiki angave ari mukati meBybit? Chokwadi, chibvumirano cheGnosis Safe uye chibvumirano cheproxy chakasimbiswa muEtherscan block browser, chero munhu anogona kuverenga kodhi, hacker anogona kungova murume akangwara. Nekudaro, chokwadi chekuti anonyatsoziva kuti masiginecha anogadzirwa sei zvingangoitika zvisingawanzo uye rombo rakanaka rehacker, kana kuti anongoziva mashandiro emukati meiyo Bybit yekuchengetedza system kubva kumabasa ake akananga kana kubva kune anozivisa. Mukuwedzera, hacker haana kungopfuura, iye deployed makopi maviri echibvumirano chakanangwa chekudzidzira zuva rakapfuura.

Hacker nzira

Muongorori pasi pezita rezita ZachXBT traced mafambiro emari kukero yakaunganidza mari kubva ku Phemex hack . Chokwadi ichi chinotorwa sehumbowo Razaro Group kubatanidzwa muBybit hack. Tichifunga kuti hacker kana boka revatsotsi rakanga richipwanya mari uye kuibvisa kuburikidza nemabhiriji akasiyana-siyana uye musanganiswa, muongorori akaita basa reHerculean.

\"Naiye Dexaran anodhirowa kutarisisa kuketani yemakero, kuburikidza neayo kero dzehacker dzakazadzikiswa kubhadhara gasi kufona kuti uedze zvibvumirano uye kutumira kutengeserana nechisiginicha kubvisa mari kubva muchikwama chinotonhora chekuchinjana. Zvinoitika kuti hacker mari makero ake kuburikidza Binance exchange. Binance inowirirana zvizere nemitemo yeKYC/AML uye inonyatsoda kushanda nemasangano akasiyana-siyana ekuchengetedza mutemo. Hongu, matsotsi anoshandisa inonzi “nyurusi remari”, asi ichiri nzwisiso kana shanduko ichishanda nevemutemo.

Kuita kwenharaunda. Daidzira kubviswa kwekuendesa matunhu.

Pakarepo zvakazozivikanwa kuti kuchinjana kwakave kwakavharwa uye huwandu hwenyeredzi hweETH hwakabviswa, misika yakawana kutengesa kudzvinyirira. Zviripachena kuti vatengesi vakamhanyira kunovharisa mabheti avo vachitenda kuti matsotsi aizobvisa mari yakabiwa.

CoinMarketCap

Mushure mekuvhurwa kwekubvisa kubva mukutsinhana, vashandisi vakamhanyawo kutora mari yavo, zvichikonzera kubuda kwemadhora 5.3 bhiriyoni ( DeFi Llama )

Makambani akasiyana akawana zvinobatanidzwa mukumaka mari dzakabiwa uye kudzikisira kugona kwevabiki kushandisa mapuratifomu akasiyana kusanganisa uye kuendesa mari pakati pe blockchains. Tether - iye anopa USDt - block hackers 'mari ( Paolo Ardoino )

Zvisinei, havasi vose vari kufamba pamwe chete. Cryptomixer eXch yaramba kushandira pamwe nekutsinhana.

"Nekuda kwemamiriro ezvinhu aya, tinoda tsananguro yekuti nei tichifanira kubatana nesangano rakasvibisa zita redu," eXch yakanyora mumhinduro yakatumirwa paBitcointalk forum.

Zvinoshamisa kuti kune vanhu vanodana kudzoserwa kweEthereum blockchain kuti vadzore mari yeBybit,

mumwe wavo Jan3 CEO Samson Mow .

Aya mafoni anonzwika seasinganzwisisike, apo vashandisiwo zvavo vanorasikirwa nemari yavo vanopomerwa mhosva yekuregeredza. Hazvisi zvisizvo kuti vashandisi vatumire zvisirizvo mari kune yekutsinhana kubva kune isiriyo EVM network, uye zvese zvekutsinhana zvinoda kuita kushandisa node yeruzhinji kutumira mari yemushandisi kumashure, asi mu99.9% yezviitiko vanoramba. Uyezve Bybit yakavimbisa kuti ine matura akakwana kuvhara kurasikirwa kwese.

Vanhu ava vasingazive vanodaidzira kuti vavige zvese kuedza kwakaitwa neiyo blockchain indasitiri nekubvisa zvachose decentralization, nekudaro kudzikisa kukosha chaiko kweruzhinji blockchain tekinoroji kusvika ku0.

Sezvineiwo, vagadziri veEthereum ivo pachavo vanopokana nekufamba kwakadaro, uye vane zvinopfuura kururamisa chinzvimbo chavo.

semuenzaniso, kernel developer Tim Beiko .

Uye vane vatsigiri vakakwana panyaya iyi vanokurudzira decentralization uye cryptopunk philosophy,

zvakaita se Justin Bons .

Bybit pachayo yakatanga chirongwa chebounty, nekudaro ichizivisa kuvhima kwevanobira vanobatanidzwa mukubira.

Mhedziso

Nharaunda inoshandiswa ku periodic hacks yeDeFi protocol. Pamapuratifomu aya vanogadzira vanowanzoregeredza maitiro ekuyedza uye maodhita, sarudza mamodule ane kodhi uye pfungwa dzavasingazive zvizere. Zvese mukufarira kukurumidza kwekusimudzira uye kutya kupotsa wave. Ndosaka CEX hack, kunyanya yakakura, inogara iri chiitiko chepamusoro-soro chinosiya fungidziro isingaperi paindasitiri yese.

Vagadziri pamatanho ese havafanirwe kukanganwa kuti nhangemutange yezvidziviriro nzira uye maturusi ekubira haina kumira uye inofanirwa kungwarira.