關鍵說明

2月21日，Bybit的以太坊冷錢包被黑客入侵，導致盜竊14.6億美元。這次襲擊是歷史上最大的加密搶劫。

A state-sponsored North Korean hacking group, known as Lazarus Group, has reportedly stolen $1.46 billion from cryptocurrency exchange Bybit.

據報導，由州資助的朝鮮黑客組織被稱為拉撒路集團，已從加密貨幣交易所Bybit偷走了14.6億美元。

The heist, which was carried out in February and later confirmed by the FBI, ranks among the largest crypto heists in history.

搶劫案於2月進行，後來由聯邦調查局（FBI）確認，是歷史上最大的加密搶劫。

To infiltrate Bybit’s defenses, hackers used a “masked” transaction method and created a fake Safe wallet interface to deceive exchange security personnel into approving malicious transactions.

為了滲透Bybit的防禦，黑客使用了一種“蒙版”的交易方法，並創建了一個偽造的安全錢包界面，以欺騙交換安全人員批准惡意交易。

The incident began when a Bybit executive noticed an unusual transaction on Monday morning, an outgoing transfer from one of the exchange’s main hot wallets.

該事件始於拜特比特（Bybit）高管注意到週一早晨進行的不尋常交易，這是從交易所主要的熱錢包之一轉移的。

Upon closer inspection, the executive discovered that the transaction had been approved by a member of the exchange’s security team, despite the transaction details being visibly different from the original application submitted by the treasury department.

經過仔細檢查，執行官發現該交易已獲得交易所安全團隊成員的批准，儘管交易詳細信息與財政部提交的原始申請明顯不同。

In a statement to Blockworks, Ben Zhou, co-founder and CEO of Bybit, said the hackers used a new variant of an old trick to carry out the heist.

拜比特（Bybit）的聯合創始人兼首席執行官本·週（Ben Zhou）在向Blockworks的一份聲明中說，黑客使用了一種新的舊技巧來執行搶劫。

“They applied for one transaction but, using a masked transaction method, made the outgoing transaction details look different from the applied transaction details. Finally, they got approval for a transaction that was not applied for,” Zhou said.

“他們申請了一項交易，但是使用蒙版交易方法，即傳出交易詳細信息看起來與應用交易詳細信息不同。最後，他們獲得了未申請的交易的批准。”周說。

To complete the heist, hackers reportedly used a sophisticated phishing technique to create a fake version of the Safe wallet interface, which is used by exchange executives to approve large transactions.

為了完成搶劫案，據報導，黑客使用了一項複雜的網絡釣魚技術來創建一個偽造的安全錢包界面，交換高管將其用於批准大型交易。

After gaining access to one executive’s device, they displayed the fake interface, making it appear as though the exchange was receiving a large incoming transaction that needed approval. In reality, however, they were transferring funds out of the exchange.

在訪問一位高管的設備後，他們顯示了假界面，使它看起來好像正在獲得需要批准的大型收入交易。但是，實際上，他們正在從交易所轉移資金。

“The difference in the transaction applied for and the transaction approved was clear, and our internal investigation is ongoing. But we are confident that our security team was tricked by the sophisticated phishing techniques used by the hackers,” Zhou said.

“適用的交易和批准交易的差異很明顯，我們的內部調查正在進行中。但是我們有信心，我們的安全團隊被黑客使用的複雜網絡釣魚技術所欺騙。” Zhou說。

After several hours of transferring funds, hackers attempted to withdraw a final tranche of ETH to a UnionPay bank account in China. However, Bybit’s security team managed to identify and cancel the transaction in time.

經過幾個小時的轉移資金，黑客試圖將最終的ETH撤回中國的Unionpay銀行帳戶。但是，Bybit的安全團隊設法及時識別和取消交易。

In total, around $1.46 billion in crypto was stolen from Bybit’s Ethereum cold wallet over the course of several hours on Monday, February 20.

2月20日星期一的幾個小時內，總共大約14.6億美元的加密貨幣從拜比特的以太坊冷錢包中被盜。

The stolen funds included ETH, BTC, USDC and several other tokens.

被盜的資金包括ETH，BTC，USDC和其他幾個令牌。

After the heist, the FBI confirmed that the hackers were part of the Lazarus Group, a group of North Korean state-sponsored hackers who have previously been linked to several high-profile cyberattacks.

搶劫後，聯邦調查局確認黑客是拉撒路集團的一部分，拉撒路集團是一群朝鮮州議員的黑客，他們以前曾與幾個備受矚目的網絡攻擊有關。

In response to the heist, Zhou said that Bybit has declared “war” on the North Korean hackers.

為了回應搶劫案，周說，拜比特宣布對朝鮮黑客宣布“戰爭”。

“We will use all of our resources to bring these hackers to justice and recover the stolen funds,” he said.

他說：“我們將利用所有資源將這些黑客繩之以法並收回被盜的資金。”

The statement comes after the U.S. government last month placed sanctions on two North Korean officials for their role in cybercrime activities, including crypto theft.

該聲明是在美國政府上個月對兩名朝鮮官員在網絡犯罪活動中的作用（包括加密盜竊）作用的製​​裁之後發表的。

According to the Treasury Department, the two officials, Park Jin Hyok and Kim Il, are members of the Reconnaissance Bureau 121, the main intelligence agency of the North Korean government.

據財政部稱，兩位官員Park Jin Hyok和Kim Il是朝鮮政府的主要情報機構偵察局121的成員。

The statement said that Park, who is also known as “Ha Dae Sung,” previously worked in software development in China before returning to North Korea in 2011 to contribute his technical expertise to the government.

聲明說，帕克（Park）也被稱為“ Ha dae Sung”，此前曾在中國從事軟件開發工作，然後於2011年返回朝鮮，向政府貢獻了他的技術專業知識。

He is described by the FBI as part of a conspiracy responsible for some of the most damaging cyber intrusions in the world.

聯邦調查局將他描述為負責世界上一些最具破壞性的網絡入侵的陰謀的一部分。

“Park Jin Hyok is allegedly a state-sponsored North Korean computer programmer who is part of an alleged criminal conspiracy responsible for some of the costliest computer intrusions in history. These intrusions caused damage to computer systems of, and stole currency and virtual currency from, numerous victims,” the FBI said.

“據稱，帕克·金·霍克（Park Jin Hyok）是由國家贊助的朝鮮計算機程序員，他是涉嫌犯有歷史上最昂貴的計算機侵入的犯罪陰謀的一部分。這些侵入造成了眾多受害者對計算機系統的損害，並從眾多受害者中竊取了貨幣和虛擬貨幣。”聯邦調查局說。

The agency said that the intrusions caused widespread disruption to businesses and institutions, and personally affected countless individuals.

該機構表示，這些入侵造成了對企業和機構的普遍破壞，並影響了無數個人。

The statement added that Park is part of a group of North Korean hackers who have been indicted by a federal grand jury in the United States for their role in a hacking spree that targeted U.S. banks and institutions.

聲明補充說，公園是一群朝鮮黑客的一部分，他們因其在針對美國銀行和機構的黑客狂潮中的作用而被美國聯邦大陪審團起訴。

The indictment alleges that the hackers stole nearly $1 billion in bitcoin from an exchange in 2014, and attempted to steal $1 billion more.

起訴書稱，黑客在2014年的交易所偷走了將近10億美元的比特幣，並試圖竊取10億美元。

The indictment also said that the hackers used ransomware to encrypt the data of several U.S. hospitals, and threatened to delete the data unless they were paid a ransom.

起訴書還說，黑客使用勒索軟件來加密幾家美國醫院的數據，並威脅要刪除數據，除非他們獲得贖金。

The Treasury Department said that Kim, who is also known as “Maru,” is a subordinate of Park and has been involved in cybercrime activities since at least 2016.

財政部說，金（Kim）也被稱為“馬魯（Maru）”，是公園的下屬，至少從2016年開始就從事網絡犯罪活動。

He is said to have played a key role in developing and deploying malware that was used to steal cryptocurrencies from exchanges and individuals.

據說他在開發和部署用於從交易所和個人中竊取加密貨幣的惡意軟件方面發揮了關鍵作用。

The statement said that Kim oversaw a group of hackers who used a variety of phishing techniques to compromise user credentials and gain access to exchange accounts.

聲明說，金正日監督了一群使用各種網絡釣魚技術來損害用戶憑據並獲得交換帳戶的訪問權的黑客。

He is also said to have been involved in laundering the stolen cryptocurrencies through a network of cryptocurrency mixers and exchanges.

據說他還參與了通過加密貨幣混合器和交流網絡來洗滌被盜的加密貨幣。

“North Korean cyber actors are part of a state-

“朝鮮網絡演員是國家的一部分 -