-
BTC 66,412.61 (-0.70%) -
ARS 1,109.60 (+0.71%) -
ETH 3,083.84 (-1.10%) -
SOL 170.56 (-1.35%) -
PEPE <0.01 (-3.15%) -
BONK <0.01 (-2.37%) -
WIF 2.56 (-0.56%) -
DOGE 0.15 (-1.97%) -
LINK 16.51 (+0.63%) -
FTM 0.86 (-3.84%) -
RNDR 10.05 (-3.27%) -
BOME 0.01 (-3.97%) -
XRP 0.51 (-1.86%) -
CREAM 85.70 (+47.25%) -
NEAR 7.80 (-1.27%) -
RUNE 6.63 (-2.50%) -
ORDI 40.32 (-2.23%) -
ENA 0.72 (-4.67%) -
FLOKI <0.01 (-4.63%) -
BCH 485.60 (+2.43%) -
AVAX 35.81 (-3.76%) -
PYTH 0.37 (-15.09%) -
RSR <0.01 (-1.82%) -
PEOPLE 0.04 (-2.35%) -
WLD 4.72 (-5.39%) -
FIL 5.58 (-4.47%) -
ICP 12.64 (-4.28%) -
AEVO 0.79 (-3.89%) -
FARM 79.14 (+17.65%)
平衡器将社会工程攻击归咎于DNS提供商进行网站劫持
(Balancer blames social engineering attack on DNS provider for website hijack)
Published: 2023-09-21
1. 平衡器社会工程攻击和DNS提供商前端劫持 本文的主要焦点围绕针对Balancer的社会工程攻击,这是一种流行的去中心化金融(DeFi)协议. 该攻击利用了 DNS 提供商前端的漏洞,导致 Balancer 网站被劫持,从而损害了用户资金. 攻击者采用了多种策略,包括操纵DNS记录,创建欺诈界面,以及利用复杂的交易策略从受损的流动性池中抽取资金。. 结果,价值约50万美元的大量资金被盗. 攻击的社会工程方面凸显了人类漏洞在网络安全领域的重要性. 通过冒充合法的 Balancer 开发人员并获得对敏感信息的访问权限,攻击者能够制造出令人信服的攻击,误导用户并利用信任.
2. 去中心化金融(DeFi)协议中的漏洞 该事件凸显了与DeFi协议相关的固有风险. 虽然它们提供了许多优势,例如无需许可访问和金融包容性,但缺乏集中控制会使用户面临各种漏洞. 在这种情况下,DNS提供商前端的入侵允许攻击者操纵网站界面,导致用户在不知不觉中与恶意代码进行交互. 该事件还引发了对DeFi项目安全措施的担忧,因为攻击者利用Balancer智能合约中的漏洞来耗尽受损的流动性池。. 这凸显了持续审计、测试和改进 DeFi 协议以降低此类风险的必要性。.
3. 对DeFi生态系统和去中心化金融信任的影响 平衡器攻击引发了对DeFi生态系统整体安全性和可信度的质疑. 像这样的事件可能会削弱人们对去中心化金融的信心,并阻碍其广泛采用。. 随着DeFi继续吸引注意力和投资,开发人员和用户都必须优先考虑安全措施并实施强大的保护措施来抵御潜在攻击. 虽然 Balancer 团队迅速做出反应,暂停了易受攻击的智能合约并进行了调查,但这一事件提醒人们,没有系统可以完全免受攻击。. 它强调了在技术防御和用户教育方面不断改进的必要性,以确保去中心化金融的长期可持续性和可信度。. 综上所述,本文主要关注 Balancer 社会工程攻击和 DNS 提供商前端劫持. 它讨论了DeFi协议中的漏洞,对生态系统的影响,以及需要增加安全措施来保护用户资金并保持对去中心化金融的信任。. .
1. Balancer Social Engineering Attack and DNS Provider Frontend Hijack The main focus of the article revolves around a social engineering attack that targeted Balancer,a popular decentralized finance (DeFi) protocol. The attack exploited vulnerabilities in the DNS provider's frontend,leading to the hijacking of the Balancer website and consequently compromising user funds. The attackers employed a combination of tactics,including manipulating the DNS records,creating a fraudulent interface,and utilizing complex trading strategies to drain funds from compromised liquidity pools. As a result,a significant amount of funds,valued at approximately $500,000,were stolen. The social engineering aspect of the attack highlights the importance of human vulnerability in the cybersecurity landscape. By impersonating a legitimate Balancer developer and gaining access to sensitive information,the attackers were able to craft a convincing attack that misled users and exploited trust.
2. Vulnerabilities in Decentralized Finance (DeFi) Protocols The incident underscores the inherent risks associated with DeFi protocols. While they offer numerous advantages such as permissionless access and financial inclusion,the lack of centralized control exposes users to various vulnerabilities. In this case,the compromise of the DNS provider's frontend allowed the attackers to manipulate the website interface,leading users to unknowingly interact with malicious code. The incident also raises concerns about the security practices of DeFi projects,as the attackers exploited vulnerabilities in Balancer's smart contracts to drain the compromised liquidity pools. This highlights the need for continuous auditing,testing,and improvement of DeFi protocols to mitigate such risks.
3. The Impact on the DeFi Ecosystem and Trust in Decentralized Finance The Balancer attack raises questions about the overall security and trustworthiness of the DeFi ecosystem. Incidents like this can erode confidence in decentralized finance and hinder its widespread adoption. As DeFi continues to attract attention and investment,it is crucial for developers and users alike to prioritize security measures and implement robust safeguards against potential attacks. While the Balancer team responded swiftly by suspending the vulnerable smart contract and conducting an investigation,the incident serves as a reminder that no system is completely immune to attacks. It highlights the need for continuous improvement in both technical defenses and user education to ensure the long-term sustainability and trustworthiness of decentralized finance. In summary,the article primarily focuses on the Balancer social engineering attack and the DNS provider frontend hijack. It discusses the vulnerabilities in DeFi protocols,the impact on the ecosystem,and the need for increased security measures to protect user funds and maintain trust in decentralized finance.
Reference: cointelegraph.com
交易量最大的硬币
(每1小时更新一次)
| 在 | 从 | 是 ($US) | 周转 ($) |
|---|---|---|---|
| 1 | BTC |
66,412.61 | 1,220,437,542.15 |
| 2 | ARS |
1,109.60 | 779,362,609.90 |
| 3 | ETH |
3,083.84 | 518,262,136.25 |
| 4 | SOL |
170.56 | 462,518,468.84 |
| 5 | PEPE |
<0.01 | 181,837,398.77 |
| 6 | BONK |
<0.01 | 159,987,156.54 |
| 7 | WIF |
2.56 | 141,866,946.95 |
| 8 | DOGE |
0.15 | 112,662,761.28 |
| 9 | LINK |
16.51 | 84,704,096.27 |
| 10 | FTM |
0.86 | 79,118,833.02 |
| 11 | RNDR |
10.05 | 72,606,301.22 |
| 12 | BOME |
0.01 | 66,775,385.37 |
| 13 | XRP |
0.51 | 61,453,484.89 |
| 14 | CREAM |
85.70 | 58,215,784.49 |
| 15 | NEAR |
7.80 | 57,849,119.49 |
| 16 | RUNE |
6.63 | 57,125,611.14 |
| 17 | ORDI |
40.32 | 48,937,084.82 |
| 18 | ENA |
0.72 | 48,536,017.71 |
| 19 | FLOKI |
<0.01 | 45,266,611.84 |
| 20 | BCH |
485.60 | 43,519,752.30 |
| 21 | AVAX |
35.81 | 40,331,290.26 |
| 22 | PYTH |
0.37 | 39,078,106.33 |
| 23 | RSR |
<0.01 | 37,234,041.62 |
| 24 | PEOPLE |
0.04 | 36,288,381.56 |
| 25 | WLD |
4.72 | 33,761,073.29 |
| 26 | FIL |
5.58 | 30,891,452.96 |
| 27 | ICP |
12.64 | 30,316,899.52 |
| 28 | AEVO |
0.79 | 28,953,757.37 |
| 29 | FARM |
79.14 | 28,086,051.89 |
价格快速上涨的硬币
(每1分钟更新一次)
| 在 | 从 | 是 ($US) | 更多的 (%) |
|---|---|---|---|
| 1 | CREAM |
85.70 | +47.25 |
| 2 | FARM |
79.14 | +17.65 |
| 3 |  UNFI |
4.54 | +14.56 |
| 4 |  BNX |
1.08 | +8.26 |
| 5 |  OOKI |
<0.01 | +7.35 |
| 6 |  PHA |
0.19 | +4.22 |
| 7 |  VIC |
0.45 | +2.95 |
| 8 |  AR |
48.37 | +2.73 |
| 9 | BCH |
485.60 | +2.43 |
| 10 |  POND |
0.02 | +2.03 |
| 11 |  AKRO |
<0.01 | +1.55 |
| 12 |  ASR |
3.74 | +1.25 |
| 13 |  PAXG |
2,411.00 | +1.05 |
| 14 | LINK |
16.51 | +0.63 |
| 15 |  KP3R |
75.50 | +0.49 |
| 16 |  SSV |
43.02 | +0.33 |
| 17 |  USDP |
1.00 | +0.01 |
硬币的价格正在迅速下跌。
(每1分钟更新一次)
| 在 | 从 | 是 ($US) | 减少 (%) |
|---|---|---|---|
| 1 | PYTH |
0.37 | -15.09 |
| 2 |  BLZ |
0.28 | -11.48 |
| 3 |  TNSR |
0.81 | -10.20 |
| 4 |  LSK |
1.74 | -9.31 |
| 5 |  EPX |
<0.01 | -8.90 |
| 6 |  MANTA |
1.43 | -8.84 |
| 7 |  ZRX |
0.55 | -8.54 |
| 8 |  DIA |
0.46 | -8.44 |
| 9 |  STRK |
1.06 | -8.18 |
| 10 |  CITY |
3.12 | -8.02 |
| 11 |  POLYX |
0.42 | -7.80 |
| 12 |  SAGA |
2.06 | -7.70 |
| 13 |  AUCTION |
13.66 | -7.58 |
| 14 |  TIA |
8.81 | -7.56 |
| 15 |  FOR |
0.02 | -7.55 |
| 16 |  ACE |
4.53 | -7.54 |
| 17 |  BETA |
0.06 | -7.38 |
| 18 |  ALCX |
23.45 | -6.87 |
| 19 |  OMNI |
13.78 | -6.64 |
| 20 |  HOOK |
0.78 | -6.52 |
| 21 |  MAV |
0.35 | -6.47 |
| 22 |  HIFI |
0.76 | -6.27 |
| 23 | ![Quickswap [OLD] title=](https://titdoi.com/coins-images-mini/QUICK-quick.webp){kind=small} QUICK |
0.05 | -6.20 |
| 24 |  PIXEL |
0.34 | -6.19 |
| 25 |  XAI |
0.59 | -6.14 |
| 26 |  RPL |
18.37 | -6.13 |
| 27 |  COS |
<0.01 | -6.08 |
| 28 |  CTXC |
0.32 | -6.07 |
| 29 |  MBOX |
0.33 | -6.01 |
| 30 |  YGG |
0.85 | -5.95 |
Bitcoin's Greed and Fear Index.
?70
Greed
Global CryptoCurrency News
?(See more news ...)
美国新闻 对市场有重大影响的
| 在 | 消息 | 天 | 日期 | 时间 |
|---|---|---|---|---|
| 1 | 美联储主席(杰罗姆鲍威尔)声明 (Fed Chair Powell Speaks) | 周一 (Mon) | 20-05-2024 | 03:30 |
| 2 | FOMC Member Bostic Speaks (FOMC Member Bostic Speaks) | 周一 (Mon) | 20-05-2024 | 19:30 |
| 3 | FOMC Member Bostic Speaks (FOMC Member Bostic Speaks) | 周一 (Mon) | 20-05-2024 | 20:45 |
| 4 | 美联储成员 (Christopher J. Waller) 声明 (FOMC Member Waller Speaks) | 周一 (Mon) | 20-05-2024 | 21:00 |
| 5 | 美联储成员(巴尔)声明 (FOMC Member Barr Speaks) | 周一 (Mon) | 20-05-2024 | 21:00 |
| 6 | 美联储成员(杰斐逊)声明 (FOMC Member Jefferson Speaks) | 周一 (Mon) | 20-05-2024 | 22:30 |
| 7 | 美联储成员 (Loretta J. Mester) 声明 (FOMC Member Mester Speaks) | 周二 (Tue) | 21-05-2024 | 02:00 |
| 8 | 美国财政部长 (Jenet Yellen) 声明 (Treasury Sec Yellen Speaks) | 周二 (Tue) | 21-05-2024 | 16:00 |
| 9 | 美联储成员 (Christopher J. Waller) 声明 (FOMC Member Waller Speaks) | 周二 (Tue) | 21-05-2024 | 21:00 |
| 10 | FOMC Member Barkin Speaks (FOMC Member Barkin Speaks) | 周二 (Tue) | 21-05-2024 | 21:00 |
| 11 | 美联储成员(威廉姆斯)声明 (FOMC Member Williams Speaks) | 周二 (Tue) | 21-05-2024 | 21:05 |
| 12 | FOMC Member Bostic Speaks (FOMC Member Bostic Speaks) | 周二 (Tue) | 21-05-2024 | 21:10 |
| 13 | 美联储成员(巴尔)声明 (FOMC Member Barr Speaks) | 周二 (Tue) | 21-05-2024 | 23:45 |
| 14 | 美联储成员 (Loretta J. Mester) 声明 (FOMC Member Mester Speaks) | 周三 (Wed) | 22-05-2024 | 07:00 |
| 15 | 美国房屋销售报告 (Existing Home Sales) | 周三 (Wed) | 22-05-2024 | 22:00 |
| 16 | 原油库存报告 (Crude Oil Inventories) | 周三 (Wed) | 22-05-2024 | 22:30 |
| 17 | 美联储货币政策委员会会议 (FOMC Meeting Minutes) | 周四 (Thur) | 23-05-2024 | 02:00 |
| 18 | 美国失业人数 (Unemployment Claims) | 周四 (Thur) | 23-05-2024 | 20:30 |
| 19 | 美国商品的估计产量 (Flash Manufacturing PMI) | 周四 (Thur) | 23-05-2024 | 21:45 |
| 20 | 美国服务估计 (Flash Services PMI) | 周四 (Thur) | 23-05-2024 | 21:45 |
| 21 | 美国新屋销售报告 (New Home Sales) | 周四 (Thur) | 23-05-2024 | 22:00 |
| 22 | 天然气储量报告 (Natural Gas Storage) | 周四 (Thur) | 23-05-2024 | 22:30 |
| 23 | FOMC Member Bostic Speaks (FOMC Member Bostic Speaks) | 星期五 (Fri) | 24-05-2024 | 03:00 |
| 24 | 每月耐用品订单报告 (Core Durable Goods Orders m/m) | 星期五 (Fri) | 24-05-2024 | 20:30 |
| 25 | 耐用品月度订单 (Durable Goods Orders m/m) | 星期五 (Fri) | 24-05-2024 | 20:30 |
| 26 | 美联储成员 (Christopher J. Waller) 声明 (FOMC Member Waller Speaks) | 星期五 (Fri) | 24-05-2024 | 21:35 |
| 27 | 提高消费者信心指数 (Revised UoM Consumer Sentiment) | 星期五 (Fri) | 24-05-2024 | 22:00 |
| 28 | 预期通胀报告 来自密歇根大学 (Revised UoM Inflation Expectations) | 星期五 (Fri) | 24-05-2024 | 22:00 |
