Wasabi Protocol 更新安全事件处理进展:尚未确认用户赔付最终方案
深潮 TechFlow 消息,5 月 09 日,Wasabi Protocol 发布安全事件更新,其中指出攻击者利用其 AWS 基础设施中的 Spring Boot Actuator 配置漏洞,窃取了控制 EVM 智能合约的私钥,并从相关合约中盗取约 480 万美元用户资金及 90 万美元协议金库资金,总损失约 570 万美元。
攻击链起始于一台用于分析的公网服务器,其 Actuator heap dump 未受到正常密码保护,导致攻击者获取了另一服务器凭证,并最终获得智能合约私钥控制权,此次事件仅影响 EVM 部署,包括以太坊、Base、Blast及 Berachain 上的部分金库,Solana 部署及 Prop AMM 未受影响。目前尚未就用户赔付方案给出最终更新方案,但“让所有受损用户得到补偿”仍是团队最高优先事项,未来将于 Discord 社群发布调查进展更新。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
Odaily•39m agoBitMart "BM Discovery" Zone Lists LO0P (LO0P)
ChainCatcher•2h agoGrayscale plans to launch a Cardano ETF
TechFlow•10h agoGarrett Jin deposited about 578,000 ETH into Binance in 4 days, and the current book loss is about $1.3 billion
Odaily•11h agoAnalysis: ETH/BTC continues to weaken below key moving averages, analysts warn there may still be 40% downside
TechFlow•21h agoThe floor price of BAYC doubled in January, and there are signs of recovery in the NFT market
ChainCatcher•21h agoSantiment: USDT on the Ethereum chain recorded the largest exchange net outflow in nearly three months on Friday
ChainCatcher•1d agoAnalyst: Multiple protocols migrated from LayerZero to Chainlink CCIP, with a combined TVL of more than $2 billion
ChainCatcher•1d agoData: The ETH chain ecological token sato rose by more than 77% during the day, continuing to hit a record high
ChainCatcher•1d agoA whale transferred $180 million worth of ETH to Binance
ChainCatcher•1d agoU.S. spot Bitcoin ETFs saw net inflows for six consecutive weeks, marking the longest streak in nine months