答案已發布26 來源
730萬美金蒸發!DxSale「殭屍合約」埋伏269日大揭秘
2026年5月28至29日,黑客從BNB Chain上超過1,400個已被廢棄嘅DxSale流動性池,偷走約730萬美金,而呢次行動嘅伏線,其實喺9個月前一次秘密嘅合約擁有權轉移已經埋下。 攻擊針對嘅係DxSale嘅「舊版鎖倉合約」,黑客喺2025年8月攞到控制權後,利用管理員特權犯案,赤裸裸咁展示咗冇人打理但仲鎖住錢嘅「殭屍合約」有幾咁危險。
711K0
AI 提示
openai.comCreate a landscape editorial hero image for this Studio Global article: What was the recent DxSale exploit on BNB Chain, including how much was stolen, which contracts were targeted, how the attackers executed th. Article summary: On May 28–29, 2026, attackers exploited **DxSale's legacy liquidity locker contracts** on BNB Chain, draining approximately **$7.3 million** from over **1,400 old liquidity pools** that had been locked since the 2021 bul. Topic tags: general, documentation, general web, user generated. Reference image context from search candidates: Reference image 1: visual subject "Binance's BNB chain was temporarily halted during an attack on Thursday. Almost $600 million worth of BNB was taken by an unknown hacker." source context "Explained: How $600M was stolen from Binance's BNB chain" Reference image 2: visual subject "Binance's BNB chain was temporarily halted during a
喺2026年5月底,一個手法精密嘅攻擊者,成功由BNB Chain上面超過1,400個流動性池度,夾埋偷走咗大約730萬美金 。佢嘅目標並唔係咩新潮高科技協議,而係DxSale——一個喺2021年牛市好紅嘅發射台(Launchpad)——留低嗰堆被世人遺忘嘅舊智能合約。呢單嘢好似一個響亮嘅警號,提醒我哋「殭屍合約」有幾咁危險:呢啲冇人打理但仲鎖住錢嘅DeFi基礎設施,只要管理員私鑰(Admin Keys)保安做得唔好,或者冇放棄控制權(Renounced),就會變成一個隨時爆炸嘅計時炸彈。
目標:DxSale被遺忘嘅「舊版鎖倉合約」
呢次攻擊嘅目標,只係DxSale嘅「舊版流動性鎖倉合約」(Legacy Liquidity Locker Contracts)。呢啲合約嘅設計原意,係將流動性提供者(LP)代幣鎖定一段時間,好多新嘅加密貨幣項目都會咁做嚟建立信譽。而家俾人針對嗰批合約,係嚟自2021年嘅古董,早已經冇人主動維護,但入面竟然仲鎖住嗰個年代可觀嘅流動性 。
呢批舊合約因為仲保留住敏感嘅「擁有者特權功能」,搞到成個保安漏洞百出。保安公司SlowMist將呢次攻擊手法歸類為 「擁有權覆蓋攻擊」(Ownership Override Attack) 。黑客利用佢對合約嘅控制權,做咗幾樣嘢:將提取費用set到接近零、將解鎖時間篡改返去1970年,然後透過一個自己寫嘅「排水器合約」,自出自入咁將鎖倉嘅LP代幣全部抽走 。
Studio Global AI
Search, cite, and publish your own answer
Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.
人們還問
「730萬美金蒸發!DxSale「殭屍合約」埋伏269日大揭秘」的簡短答案是什麼?
2026年5月28至29日,黑客從BNB Chain上超過1,400個已被廢棄嘅DxSale流動性池,偷走約730萬美金,而呢次行動嘅伏線,其實喺9個月前一次秘密嘅合約擁有權轉移已經埋下。
首先要驗證的關鍵點是什麼?
2026年5月28至29日,黑客從BNB Chain上超過1,400個已被廢棄嘅DxSale流動性池,偷走約730萬美金,而呢次行動嘅伏線,其實喺9個月前一次秘密嘅合約擁有權轉移已經埋下。 攻擊針對嘅係DxSale嘅「舊版鎖倉合約」,黑客喺2025年8月攞到控制權後,利用管理員特權犯案,赤裸裸咁展示咗冇人打理但仲鎖住錢嘅「殭屍合約」有幾咁危險。
接下來在實務上我該做什麼?
雖然2026年第一季DeFi黑客損失按年跌咗89%到1.69億美金,但DxSale事件只係序幕,隨後嘅4月更成為加密貨幣史上被黑得最甘嘅月份,單月損失超過6億美金。
來源
- coingabbar.comCan DxSale Users Recover Funds After $7.3M LP Loss? - CoinGabbar
- cryptotimes.ioHackers Drain $7.3M From DxSale's Old BNB Chain Liquidity Lockers
- namecoinnews.comDxSale Legacy Locker Hack Drains $7.3M from 1,400 BNB Pools
- docs.dxsale.networkRead me to start | DxSale
- hacked.slowmist.ioSlowMist Hacked - SlowMist Zone
- dlnews.comDeFi whitehats spotted a bug that risked $5.2m. They were offered a $500 bounty
Loading comments...
Comments
0 comments