答案已發布上週Last edited 6 天前26 來源

Gravity Bridge 遭「簽名密鑰洩漏」損失 540 萬美元

跨鏈橋 Gravity Bridge 於 2026 年 5 月 30 日損失約 540 萬美元，黑客懷疑透過洩漏的合約簽名密鑰提走 USDC、ETH、USDT 及 PAYG 代幣，而並非智能合約漏洞 [13] 黑客已將部分資產經 ChangeNOW 及幣安洗錢，目前仍持有約 2,102 ETH（約值 423 萬美元），成為鏈上追蹤的重要線索 [1][2][5] Gravity Bridge 透過 IBC 協議連接以太坊與 Cosmos 生態，出事前鎖倉總值約 1,150 萬美元，累計跨鏈交易量曾突破 500 億美元 [16][18]

使用 Studio Global AI 搜尋並查核事實瀏覽更多熱門頁面

547K0

Digital illustration of a broken bridge linking glowing Ethereum and Cosmos blockchains, with a red warning indicator over a key symbol to represent the $5.4 million Gravity Bridge — What happened in the suspected $5.4 million hack of Gravity Bridge on May 30, 2026, including the stolen assets, the cause (a signing key coAn abstract visualization of the Gravity Bridge exploit, emphasizing the key-management failure that drained $5.4 million from the Ethereum-Cosmos connector.
AI 提示
Create a landscape editorial hero image for this Studio Global article: What happened in the suspected $5.4 million hack of Gravity Bridge on May 30, 2026, including the stolen assets, the cause (a signing key co. Article summary: On May 30, 2026, the Gravity Bridge cross-chain protocol was exploited for approximately **$5.4 million** in a breach that on-chain investigators linked to a **suspected compromised signing or bridge contract key**.[7] T. Topic tags: general, general web. Reference image context from search candidates: Reference image 1: visual subject "* Hackers drained tBTC, ETH, and USDC from the Verus-Ethereum bridge before consolidating the funds into over 5,400 ETH held in a single wallet. **On May 18, an attacker drained ap" source context "Verus suffers $11.5M hack as bridge-related exploits hit $329M in 2026" Reference image 2: visual subject "Securing the heart of dig
openai.com

2026 年 5 月 30 日早上，區塊鏈安全平台陸續偵測到 Gravity Bridge 喺以太坊嗰邊嘅合約有異常資金流出。Gravity Bridge 係一個專門負責喺以太坊同 Cosmos 生態之間搬運資產嘅跨鏈協議。幾個鐘頭之內，鏈上分析師已經追蹤到大約 540 萬美元 資產被提走，而且好快就鎖定起因好可能係「簽名密鑰洩漏」，而唔係橋嘅智能合約代碼有漏洞。

單點故障被精準利用

鏈上調查員 Specter 最先報告呢單嘢，仲鎖定咗兩個同可疑提款有關嘅攻擊者地址。PeckShield 同 SlowMist 嘅分析師冇幾耐都證實咗相關發現，結論都指向 橋嘅合約密鑰或者簽名授權遭到洩漏 。

由於呢筆資金係從 Gravity Bridge 嘅以太坊驗證合約流出，而且用嘅係睇落「合法」嘅特權存取權限，所以證據唔似係典型嘅智能合約漏洞。反而，呢次攻擊似係有人揸住洩漏嘅私鑰，冒充橋嘅合法營運者嚟簽署交易，直接將錢提走。

Studio Global AI

Search, cite, and publish your own answer

Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.

使用 Studio Global AI 搜尋並查核事實

人們還問