搜索
首页web3.0Terra 区块链黑客攻击和中断:发生了什么?

Terra 区块链遭遇重大漏洞,涉及复杂的漏洞利用,导致约 500 万美元的各类加密货币被盗。

Terra 区块链黑客攻击和中断:发生了什么?

Terra 区块链周一遭到破坏,攻击者利用漏洞窃取了总计 6000 万个 ASTRO 代币、350 万个 USDC、50 万个 USDT 和 2.7 个 BTC。攻击中使用的具体漏洞由安全研究人员 Rarma (@Rarma_) 识别,他通过 X 确认,“所以,是的,这似乎是 4 月份的 IBC hooks 漏洞。”

该漏洞于今年早些时候被发现但尚未修补,它允许攻击者操纵 IBC 传输过程,使用被利用的机制在 Terra 上铸造代币,然后将其从平台上转移。

“Terra 没有打补丁,这导致了漏洞的发生。攻击者可以利用合约、IBC 调用(带有 IBC 挂钩)和超时来铸造已通过 IBC 传输到 Terra 的代币。 350 万个 axlUSDC、50 万个 USDT、2.7BTC、6000 万个 ASTRO 代币。 Terra 和 Neutron IBC 中继器需要停止,”Rarma 补充道。

研究人员进一步澄清说,“IBC 的资产通过此漏洞‘重新铸造’到了黑客的钱包中。然后他们将 IBC 转出。 “铸造”的代币在退出时被“烧毁”。因此,从 Chain、IBC 和 Relayer 的角度来看,从技术上讲,这些代币的开发量在 Terra 上已经不存在了。这些代币的 TVL 完全是假的。”

黑客已经退出了他被盗的资产,不是通过 Cosmos,而是通过将它们桥接回以太坊并将其交换为以太坊 (ETH)。

针对安全漏洞,开发团队迅速采取行动,停止了区块链以防止进一步的利用。暂停已向社区宣布,并提供了具体细节:“请注意,该链将很快在区块高度 11430400 处暂停,在此期间将不会处理交易。我们将与 Terra (phoenix-1) 上的验证者合作,随后应用紧急补丁来修复可疑的漏洞。”

停止后大约四个小时,开发团队部署了紧急补丁来纠正被利用的漏洞并加强区块链的防御。此次更新对于恢复正常的区块链活动至关重要:“Terra 链已于世界标准时间今天凌晨 4:19 左右恢复区块生产,紧急链升级现已完成。交易正在处理中,用户可以恢复正常活动。在 Terra 上拥有超过 67% 投票权的验证者已升级其节点,以防止该漏洞再次发生。预计很快会有更多验证器升级。”

以上是Terra 区块链黑客攻击和中断:发生了什么?的详细内容。更多信息请关注PHP中文网其他相关文章!

声明
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn
Gemini Crypto Exchange Delisting LUNC, SNX, QRDO, and ZBCGemini Crypto Exchange Delisting LUNC, SNX, QRDO, and ZBCAug 22, 2024 pm 03:42 PM

Gemini's move to delist these cryptocurrencies arises from evaluating the assets on its market. The exchange regularly assesses the sustainability

TFL May Burn 1 Billion USTC and 275 Billion LUNC Tokens as Part of Chapter 11 Bankruptcy ProceedingsTFL May Burn 1 Billion USTC and 275 Billion LUNC Tokens as Part of Chapter 11 Bankruptcy ProceedingsSep 10, 2024 am 03:26 AM

According to validator HappyCatKripto, Terraform Labs (TFL) could burn 1 billion USTC and 275 billion Terra Luna Classic (LUNC) tokens as part of its Chapter 11 bankruptcy proceedings.

Terra Luna Classic (LUNC) Network Makes Strides Despite Early 2022 CollapseTerra Luna Classic (LUNC) Network Makes Strides Despite Early 2022 CollapseSep 18, 2024 pm 06:01 PM

The team of developers that took over from the Terra Luna Foundation to build a robust web3 ecosystem has made significant strides in the Terra Luna Classic (LUNC) network.

Indodax Hacked for $22M as Lazarus Group Suspected, Exchange Halts OperationsIndodax Hacked for $22M as Lazarus Group Suspected, Exchange Halts OperationsSep 12, 2024 pm 09:15 PM

Indodax, Indonesia's largest cryptocurrency exchange, was hit by a massive cyber attack on September 11, 2024. It resulted in the loss of $22 million.

Terra Luna Classic (LUNC) Tax2Gas Upgrade Completes, Focus Shifts Back to DevelopmentTerra Luna Classic (LUNC) Tax2Gas Upgrade Completes, Focus Shifts Back to DevelopmentSep 08, 2024 am 09:09 AM

One of the core developers for Terra Luna Classic, Genuine Labs has confirmed the completion of the long-awaited Tax2Gas redefinition upgrade.

Kylian Mbappé's Twitter Account Hacked, MBAPPE Token Released, Then DeletedKylian Mbappé's Twitter Account Hacked, MBAPPE Token Released, Then DeletedAug 30, 2024 pm 09:07 PM

French football star Kylian Mbappe's Twitter account was hacked and released the token MBAPPE, which has now been deleted. The market value of MBAPPE tokens surged to tens of millions in a few minutes and then quickly returned to zero.

Hackers Take Over McDonald's Social Media Page to Shill and Dump Fake Memecoin Based on Grimace CharacterHackers Take Over McDonald's Social Media Page to Shill and Dump Fake Memecoin Based on Grimace CharacterAug 22, 2024 pm 09:48 PM

In the vast world of blockchain and cryptocurrencies where token-related scams are rife, hackers took over a food chain giant's social media page to shill

Terra Luna Classic (LUNC) Gains Traction Following a Significant Weekly Token Burn of 320 Million LUNCTerra Luna Classic (LUNC) Gains Traction Following a Significant Weekly Token Burn of 320 Million LUNCOct 23, 2024 pm 03:22 PM

Terra Luna Classic's price has climbed alongside the increasing burn activity. Over 320 million LUNC tokens were removed from circulation this past week.

热AI工具

Undresser.AI Undress

Undresser.AI Undress

人工智能驱动的应用程序,用于创建逼真的裸体照片

AI Clothes Remover

AI Clothes Remover

用于从照片中去除衣服的在线人工智能工具。

Undress AI Tool

Undress AI Tool

免费脱衣服图片

Clothoff.io

Clothoff.io

AI脱衣机

AI Hentai Generator

AI Hentai Generator

免费生成ai无尽的。

热门文章

R.E.P.O.能量晶体解释及其做什么(黄色晶体)
2 周前By尊渡假赌尊渡假赌尊渡假赌
仓库:如何复兴队友
1 个月前By尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island冒险:如何获得巨型种子
4 周前By尊渡假赌尊渡假赌尊渡假赌

热工具

安全考试浏览器

安全考试浏览器

Safe Exam Browser是一个安全的浏览器环境,用于安全地进行在线考试。该软件将任何计算机变成一个安全的工作站。它控制对任何实用工具的访问,并防止学生使用未经授权的资源。

SublimeText3 Linux新版

SublimeText3 Linux新版

SublimeText3 Linux最新版

SublimeText3汉化版

SublimeText3汉化版

中文版,非常好用

记事本++7.3.1

记事本++7.3.1

好用且免费的代码编辑器

SublimeText3 Mac版

SublimeText3 Mac版

神级代码编辑软件(SublimeText3)