Overview of Crypto Drainers
加密流水機(jī)的概述
As the cryptocurrency market continues to evolve, so do the tactics employed by malicious actors to steal user funds. The latest threat, crypto drainers, has been gaining prevalence in recent years. In contrast to more conventional methods such as private key theft and smart contract exploitation, drainers pose as web3 projects to trick victims into granting them control of their crypto wallets. These scams have affected a wide range of users, with even high-profile figures like Mark Cuban and Seth Green falling prey. The amounts stolen can be staggering, with some drainers reportedly siphoning off several million dollars from their victims. Recently, Chainalysis shared insights into details of Crypto Drainers.
隨著加密貨幣市場的不斷發(fā)展,惡意行為者竊取用戶資金的手段也在不斷翻新。近年來,加密貨幣泄密者這一最新威脅日益猖獗。與竊取私鑰和利用智能合約等更傳統(tǒng)的方法不同,流失者會偽裝成 web3 項(xiàng)目,誘騙受害者授予他們加密貨幣錢包的控制權(quán)。這些騙局影響了眾多用戶,甚至連馬克-庫班(Mark Cuban)和塞斯-格林(Seth Green)等知名人士也上當(dāng)受騙。盜取的金額可能非常驚人,據(jù)說有些盜取者從受害者那里盜取了幾百萬美元。最近,Chainalysis 分享了對加密貨幣放水者細(xì)節(jié)的洞察。
Understanding How Crypto Drainers Operate
了解加密流水機(jī)的運(yùn)作方式
A crypto drainer is essentially a phishing tool designed for the web3 ecosystem. Instead of stealing usernames and passwords, the operators of these scams masquerade as legitimate web3 projects. They lure victims into connecting their crypto wallets to the drainer and approving transaction proposals, which effectively grant the scammers control of the funds in the victims' wallets. Following a successful attack, the drainers can instantly steal users' funds. The fraudulent web3 sites are often promoted in Discord communities and on compromised social media accounts.
加密流水機(jī)本質(zhì)上是為Web3生態(tài)系統(tǒng)設(shè)計(jì)的網(wǎng)絡(luò)釣魚工具。這些騙局的操作員沒有竊取用戶名和密碼,而是將用戶名為合法的Web3項(xiàng)目。他們誘使受害者將其加密錢包與排水店聯(lián)系起來,并批準(zhǔn)交易提案,這有效地使騙子控制了受害者錢包中的資金。成功攻擊后,排水渠可以立即竊取用戶的資金。欺詐性的Web3網(wǎng)站通常在不和諧社區(qū)和受損的社交媒體帳戶中促進(jìn)。
The Impact of Crypto Drainers on the Crypto Ecosystem
加密流失者對加密生態(tài)系統(tǒng)的影響
While it is challenging to ascertain the total amount stolen by crypto drainers due to underreporting, the available data suggests that the scale of these scams is significant. In fact, the quarterly growth rate in value stolen by drainers has outpaced that of ransomware, another fast-growing category of cybercrime. After stealing digital assets, the criminals typically rely on various crypto services to launder the funds or convert them into cash. There has been a noticeable increase in funds sent by drainers to mixing services since 2021, while the funds sent to centralized exchanges have decreased. Some drainers are also using gambling services, albeit on a smaller scale.
盡管由于報道不足,因此確定加密貨幣排水池偷走的總量是一個挑戰(zhàn),但可用的數(shù)據(jù)表明,這些騙局的規(guī)模很大。實(shí)際上,排水量偷走的價值增長率已經(jīng)超過了勒索軟件的勒索軟件,這是另一個快速增長的網(wǎng)絡(luò)犯罪類別。竊取數(shù)字資產(chǎn)后,犯罪分子通常依靠各種加密服務(wù)來洗錢或?qū)⑵滢D(zhuǎn)換為現(xiàn)金。自2021年以來,排水渠向混合服務(wù)發(fā)送的資金顯著增加,而發(fā)送給集中式交易所的資金減少了。一些排水器還使用賭博服務(wù),盡管規(guī)模較小。
Bitcoin's Encounter with Crypto Drainers
比特幣與加密流水機(jī)的相遇
While most drainers currently operate within the Ethereum ecosystem, an unusual drainer exploiting the Bitcoin blockchain has been identified. This drainer created a fake web page posing as Magic Eden, the primary NFT platform for Bitcoin Ordinals. As of April 2024, this drainer has allegedly stolen approximately $500,000 in over 1,000 malicious transactions. Despite Bitcoin not being as widely used for web3 services as other assets, several other Bitcoin drainers have already targeted the Ordinals trading community.
盡管大多數(shù)排水器目前都在以太坊生態(tài)系統(tǒng)中運(yùn)行,但已經(jīng)確定了利用比特幣區(qū)塊鏈的異常排水器。該排水器創(chuàng)建了一個假裝的偽造網(wǎng)頁,該頁面是Magic Eden,這是比特幣序列的主要NFT平臺。截至2024年4月,據(jù)稱該排水店已偷走了1,000多筆惡意交易中約500,000美元。盡管比特幣沒有像其他資產(chǎn)那樣廣泛用于Web3服務(wù),但其他幾個比特幣排水器已經(jīng)針對了序列交易界。
Preventing Crypto Drainer Attacks
防止加密流失攻擊
As the operators of crypto drainers become increasingly sophisticated, it is crucial for web3 projects and users to implement various security measures to guard against these scams. Web3 security extensions such as Wallet Guard can identify phishing pages and websites, and assess security risks associated with cryptocurrency wallets. Users can also reduce their exposure to drainers by using an offline wallet to store valuable or large volumes of assets, only transferring funds to a hot wallet when necessary. In addition, they should be wary of links promoted in chat rooms or on social media, which may not be associated with a project's official account. If a user needs to connect to an unfamiliar web3 site, they can create a temporary wallet that doesn't contain any assets and connect it to the site. If a victim's assets are stolen by a drainer, they can cancel incomplete transactions.
隨著加密流水機(jī)的運(yùn)營商變得越來越復(fù)雜,對于Web3項(xiàng)目和用戶來說,執(zhí)行各種安全措施以防止這些騙局至關(guān)重要。Web3安全性擴(kuò)展名(例如錢包衛(wèi)隊(duì))可以識別網(wǎng)絡(luò)釣魚頁面和網(wǎng)站,并評估與加密貨幣錢包相關(guān)的安全風(fēng)險。用戶還可以通過使用離線錢包存儲有價值或大量資產(chǎn),僅在必要時將資金轉(zhuǎn)移到熱錢包時,可以減少其對排水溝的接觸。此外,他們應(yīng)該警惕在聊天室或社交媒體上促進(jìn)的鏈接,這可能與項(xiàng)目的官方帳戶無關(guān)。如果用戶需要連接到不熟悉的Web3網(wǎng)站,則可以創(chuàng)建一個不包含任何資產(chǎn)并將其連接到該站點(diǎn)的臨時錢包。如果受害者的資產(chǎn)被排水庫偷走,他們可能會取消不完整的交易。
瘋狂英語 英語語法 新概念英語 走遍美國 四級聽力 英語音標(biāo) 英語入門 發(fā)音 美語 四級 新東方 七年級 賴世雄 zero是什么意思南京市梅苑新邨英語學(xué)習(xí)交流群