8月10日,跨链互操作协议Poly Network突然遭到攻击,黑客在以太坊、BSC、Polygon链上盗走了高达6.1亿美元的虚拟货币。数以万计的投资者被波及,其中,通过O3 Swap挖矿的用户也被影响。
一位参与O3 Swap的投资者,向解放日报·上观新闻讲述了自己惊心动魄的经历。
8月的一个普通夜晚,杜晓山(化名)在睡梦中接到了朋友的电话,出事了。
On an ordinary night in August, Dow Xiaoshan received a phone call from a friend in his sleep, and something happened.
当天,区块链跨链互操作性协议Poly Network遭到黑客攻击,短短34分钟,包括以太坊、比特币在内价值超6.1亿美元(约合人民币40亿元)的虚拟货币被黑客洗劫一空。杜晓山通过朋友投资的一个虚拟货币项目——O3 Swap也牵连其中,其跨链功能是基于Poly Network所搭建。
On the same day, Poly Network, a block chain interoperability agreement, was hit by hackers for a short period of 34 minutes, and a virtual currency worth over $610 million (about $4 billion) was looted by hackers, including in Taiku and Bitcoin. Dowsing Mountain was also implicated in a virtual currency project, O3 Swap, invested through friends, whose cross-link function is based on PolyNetwork.
随着这次洗劫,杜晓山投入项目的200万元人民币,分文不剩。
With the looting, Dow Xiaoshan invested 2 million yuan in the project, amounting to no more.
那一瞬间,他几乎要晕过去。
At that moment, he almost passed out.
杜晓山其实并不大明白Poly Network到底是啥,也不懂O3 Swap意味着什么。听人介绍,凭借这两个东西,用户可以使用不同虚拟货币直接进行等价交换,比如可以用比特币直接换成同样价值的以太坊。为了方便各个不同区块链之间虚拟货币的兑换,就需要一个资金池作为中介。
Doo Xiaoshan does not really know exactly what Poly Network means, nor what O3 Swap means. By these two things, users can exchange the equivalent directly using different virtual currencies, such as Bitcoin for the same value Etha. In order to facilitate the exchange of virtual currencies between the chains of different blocks, a pool of funds is needed as an intermediary.
当初,朋友告诉他这个项目正在融资,通过每笔交易产生的奖励,也就是所谓的“挖矿”,年化收益率可以达到20%。虽然杜晓山不是很懂,但当时虚拟货币市场实在火爆,看着这么高的收益率,他毫不犹豫地加入了。
At the time, a friend told him that the project was being financed, and that the annualized rate of return could reach 20% through the incentives generated by each transaction, the so-called “mining.” Although Dow Xiaoshan did not understand it, the virtual money market was really hot at the time, and he did not hesitate to join by looking at such a high rate of return.
现在,钱没赚到,多年积蓄反而被掳走,这如何能接受?杜晓山冷静下来,问朋友准备怎么办。
Now, how can it be accepted that the money has not been earned and that years of savings have been taken away? Dow Xiaoshan calmly and ask his friends what to do.
没想到朋友告诉他,没有办法,只有等待。
I didn't think friends would tell him that there was no way to just wait.
监管?虚拟货币如果有监管可能就不会出现这样的事故。
Regulation? Virtual currency, if regulated, would not have happened.
报警?在现有法律框架下,虚拟货币的普通投资者几乎无法得到帮助。
Warning? Under the existing legal framework, ordinary investors in virtual currency have little access to help.
朋友安慰杜晓山,还有希望,项目方正在和黑客联系,希望能够追回虚拟货币。
Friends comfort Mt. Doo Xiaoshan and hope that the project party is in contact with hackers in the hope of recovering the virtual currency.
挂了电话,杜晓山瘫倒在床上。他后悔,当时投资的时候也看到人民银行提示过虚拟货币的风险,但总觉得自己不是倒霉的那一个。
On the phone, Dow Xiaoshan collapsed on his bed. He regretted that the People's Bank had raised the risk of virtual currency when he was investing, but he felt that he was not the one who had bad luck.
之后,他每天都要问上几遍朋友,进展如何。朋友也很无奈,说起初有几天项目方完全不回应,最近才开始通报进展。
After that, he asked his friends a few times a day how it was going. He also said that for a few days there had been a complete lack of response from the project, and that he had only recently begun to report on the progress.
问得多了,朋友难免不耐烦,最后撂下一句:“你就当这笔钱打水漂了吧!”
If you ask a lot of questions, your friends will be impatient, and you will end up saying, "Just take this money and let it go."
200万元,哪是说打水漂就打水漂的?
Two million dollars. What do you mean?
杜晓山只能自己上网关注起事件进展。原来,事件发生以来,Poly Network一直试图与黑客沟通,也想办法冻结了一些虚拟货币。这位黑客也很有个性,竟然在网上搞起了自问自答,在回答“为什么会攻击”的问题时,黑客说:“为了好玩。”
Doo Xiaoshan can only follow the events online. Since then, Poly Network has been trying to communicate with hackers and try to freeze some virtual money. The hacker, too, has the character to ask himself online, and in answering the question, "Why attack?" The hacker says, "For fun."
不过,黑客的一句话让杜晓山燃起了希望:“我对金钱不是很感兴趣。”
However, the hacker's words raised hope in Dow Xiaoshan: “I'm not very interested in money.”
奇幻的一幕出现了。在项目方的“追捕威胁”和“循循善诱”下,黑客真的开始陆续退钱,几天之后,丢失的虚拟货币都回来了。
A miraculous scene appeared. Under the project's “hunting threats” and “following the path”, hackers really started to withdraw their money and, a few days later, lost virtual money came back.
但更奇幻的是,项目方和黑客竟然还“以和为贵”了。黑客一直对外表示,退回资金,并不是因为自己无法转移这些虚拟货币,而是自己志不在此,希望项目方能在这次攻击中学到一些东西。Poly Network官方随后表示,与黑客一直保持着紧密的联系,黑客在近几次的交谈中表现出了对平台网络安全状况和公司整体发展策略的担忧,并计划在官方的邀请下一起建设一个更强大的安全系统。该公司邀请这位黑客担任公司的技术顾问,并且赠予50万美金的奖励。
The hackers have been saying that they are not able to transfer the virtual money, but that they are not willing to do so, hoping that the project will learn something from the attack. Poly Network’s official has subsequently said that he has been in close contact with hackers, who, in recent conversations, have expressed concerns about the security of the platform’s network and corporate development strategies, and are planning to build a stronger security system together with an official invitation. The hacker has been invited to act as a technical adviser to the company and has given a $500,000 reward.
尘埃落定。杜晓山的200万元虚拟货币已经全部到账。但他一点高兴的感觉都没有,只有劫后余生的庆幸。
The dust is settled. The 2 million dollars of Dow Xiaoshan's virtual currency has been paid. But he's not happy at all, except for the rest of his life.
他和一些受害者一直在复盘整个过程,设想了各种可能。有人说是项目本身的确有漏洞,让人有机可乘。有人说是项目团队有内鬼,监守自盗。也有人说是团队自导自演,炒作名气。
He and some of the victims have been in the process of recycling and conceiving possibilities. Some say that the project itself does have loopholes that make it easier to exploit. Others say that the project team has insiders, that it is self-inflicted. Others say that the team is self-directed, that it is famous.
似乎都有可能,但没有人知道答案。唯一可以肯定的是,作为投资,这玩意太不靠谱,太不安全了。于是,没有一秒犹豫,杜晓山立刻把所有的虚拟货币兑现成了钞票。
It seems all possible, but no one knows the answer. The only certainty is that, as an investment, it's too unreliable, too insecure. So, without a second of hesitation, Dow Xiaoshan immediately cashed all the virtual money into the banknotes.
“以后再也不玩这种东西了。”杜晓山狠狠地说。尽管,有人早就告诉过他。
“Don't ever play with that kind of thing again.” Dow Xiaoshan said so harshly, though he was told long ago.
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论