Wasabi Protocol 更新安全事件处理进展:尚未确认用户赔付最终方案
深潮 TechFlow 消息,5 月 09 日,Wasabi Protocol 发布安全事件更新,其中指出攻击者利用其 AWS 基础设施中的 Spring Boot Actuator 配置漏洞,窃取了控制 EVM 智能合约的私钥,并从相关合约中盗取约 480 万美元用户资金及 90 万美元协议金库资金,总损失约 570 万美元。
攻击链起始于一台用于分析的公网服务器,其 Actuator heap dump 未受到正常密码保护,导致攻击者获取了另一服务器凭证,并最终获得智能合约私钥控制权,此次事件仅影响 EVM 部署,包括以太坊、Base、Blast及 Berachain 上的部分金库,Solana 部署及 Prop AMM 未受影响。目前尚未就用户赔付方案给出最终更新方案,但“让所有受损用户得到补偿”仍是团队最高优先事项,未来将于 Discord 社群发布调查进展更新。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
ChainCatcher•47m agoGate Ventures: Inflationary pressures hit the market, and institutions accelerated the deployment of stablecoins and on-chain financial infrastructure
ChainCatcher•2h agoSouth Korea's seventh-largest pension relief company lost about $32.73 million on investing in Ethereum-leveraged ETFs
Odaily•2h agoAt least eight senior executives of the Ethereum Foundation have left so far in 2026
ChainCatcher•5h agoThe share of staked ETH rose to 31%, diverging from the price action, and on-chain confidence continued to grow
ChainCatcher•7h agoThree major DeFi attacks in five days, with a total of 14 crypto hacking incidents in May
ChainCatcher•7h agoKelp: rsETH recovery makes key progress, with multiple DeFi protocols collectively liquidating attacker positions
ChainCatcher•7h agoEcho Protocol confirmed the attack and suspended all cross-chain transactions
ChainCatcher•8h agoData: A smart money bought 1,344.18 ETH on the chain again 10 hours ago, and now has a floating loss of $165,000
TechFlow•10h agoBinance will remove several spot trading pairs such as AVAX/ETH, CHZ/BTC, etc
ChainCatcher•10h agoEcho Protocol suffered an attack on the Monad chain, where hackers minted 1,000 eBTC and then withdrew funds through Curvance