关键说明

2月21日，Bybit的以太坊冷钱包被黑客入侵，导致盗窃14.6亿美元。这次袭击是历史上最大的加密抢劫。

A state-sponsored North Korean hacking group, known as Lazarus Group, has reportedly stolen $1.46 billion from cryptocurrency exchange Bybit.

据报道，由州资助的朝鲜黑客组织被称为拉撒路集团，已从加密货币交易所Bybit偷走了14.6亿美元。

The heist, which was carried out in February and later confirmed by the FBI, ranks among the largest crypto heists in history.

抢劫案于2月进行，后来由联邦调查局（FBI）确认，是历史上最大的加密抢劫。

To infiltrate Bybit’s defenses, hackers used a “masked” transaction method and created a fake Safe wallet interface to deceive exchange security personnel into approving malicious transactions.

为了渗透Bybit的防御，黑客使用了一种“蒙版”的交易方法，并创建了一个伪造的安全钱包界面，以欺骗交换安全人员批准恶意交易。

The incident began when a Bybit executive noticed an unusual transaction on Monday morning, an outgoing transfer from one of the exchange’s main hot wallets.

该事件始于拜特比特（Bybit）高管注意到周一早晨进行的不寻常交易，这是从交易所主要的热钱包之一转移的。

Upon closer inspection, the executive discovered that the transaction had been approved by a member of the exchange’s security team, despite the transaction details being visibly different from the original application submitted by the treasury department.

经过仔细检查，执行官发现该交易已获得交易所安全团队成员的批准，尽管交易详细信息与财政部提交的原始申请明显不同。

In a statement to Blockworks, Ben Zhou, co-founder and CEO of Bybit, said the hackers used a new variant of an old trick to carry out the heist.

拜比特（Bybit）的联合创始人兼首席执行官本·周（Ben Zhou）在向Blockworks的一份声明中说，黑客使用了一种新的旧技巧来执行抢劫。

“They applied for one transaction but, using a masked transaction method, made the outgoing transaction details look different from the applied transaction details. Finally, they got approval for a transaction that was not applied for,” Zhou said.

“他们申请了一项交易，但是使用蒙版交易方法，即传出交易详细信息看起来与应用交易详细信息不同。最后，他们获得了未申请的交易的批准。”周说。

To complete the heist, hackers reportedly used a sophisticated phishing technique to create a fake version of the Safe wallet interface, which is used by exchange executives to approve large transactions.

为了完成抢劫案，据报道，黑客使用了一项复杂的网络钓鱼技术来创建一个伪造的安全钱包界面，交换高管将其用于批准大型交易。

After gaining access to one executive’s device, they displayed the fake interface, making it appear as though the exchange was receiving a large incoming transaction that needed approval. In reality, however, they were transferring funds out of the exchange.

在访问一位高管的设备后，他们显示了假界面，使它看起来好像正在获得需要批准的大型收入交易。但是，实际上，他们正在从交易所转移资金。

“The difference in the transaction applied for and the transaction approved was clear, and our internal investigation is ongoing. But we are confident that our security team was tricked by the sophisticated phishing techniques used by the hackers,” Zhou said.

“适用的交易和批准交易的差异很明显，我们的内部调查正在进行中。但是我们有信心，我们的安全团队被黑客使用的复杂网络钓鱼技术所欺骗。” Zhou说。

After several hours of transferring funds, hackers attempted to withdraw a final tranche of ETH to a UnionPay bank account in China. However, Bybit’s security team managed to identify and cancel the transaction in time.

经过几个小时的转移资金，黑客试图将最终的ETH撤回中国的Unionpay银行帐户。但是，Bybit的安全团队设法及时识别和取消交易。

In total, around $1.46 billion in crypto was stolen from Bybit’s Ethereum cold wallet over the course of several hours on Monday, February 20.

2月20日星期一的几个小时内，总共大约14.6亿美元的加密货币从拜比特的以太坊冷钱包中被盗。

The stolen funds included ETH, BTC, USDC and several other tokens.

被盗的资金包括ETH，BTC，USDC和其他几个令牌。

After the heist, the FBI confirmed that the hackers were part of the Lazarus Group, a group of North Korean state-sponsored hackers who have previously been linked to several high-profile cyberattacks.

抢劫后，联邦调查局确认黑客是拉撒路集团的一部分，拉撒路集团是一群朝鲜州议员的黑客，他们以前曾与几个备受瞩目的网络攻击有关。

In response to the heist, Zhou said that Bybit has declared “war” on the North Korean hackers.

为了回应抢劫案，周说，拜比特宣布对朝鲜黑客宣布“战争”。

“We will use all of our resources to bring these hackers to justice and recover the stolen funds,” he said.

他说：“我们将利用所有资源将这些黑客绳之以法并收回被盗的资金。”

The statement comes after the U.S. government last month placed sanctions on two North Korean officials for their role in cybercrime activities, including crypto theft.

该声明是在美国政府上个月对两名朝鲜官员在网络犯罪活动中的作用（包括加密盗窃）作用的制​​裁之后发表的。

According to the Treasury Department, the two officials, Park Jin Hyok and Kim Il, are members of the Reconnaissance Bureau 121, the main intelligence agency of the North Korean government.

据财政部称，两位官员Park Jin Hyok和Kim Il是朝鲜政府的主要情报机构侦察局121的成员。

The statement said that Park, who is also known as “Ha Dae Sung,” previously worked in software development in China before returning to North Korea in 2011 to contribute his technical expertise to the government.

声明说，帕克（Park）也被称为“ Ha dae Sung”，此前曾在中国从事软件开发工作，然后于2011年返回朝鲜，向政府贡献了他的技术专业知识。

He is described by the FBI as part of a conspiracy responsible for some of the most damaging cyber intrusions in the world.

联邦调查局将他描述为负责世界上一些最具破坏性的网络入侵的阴谋的一部分。

“Park Jin Hyok is allegedly a state-sponsored North Korean computer programmer who is part of an alleged criminal conspiracy responsible for some of the costliest computer intrusions in history. These intrusions caused damage to computer systems of, and stole currency and virtual currency from, numerous victims,” the FBI said.

“据称，帕克·金·霍克（Park Jin Hyok）是由国家赞助的朝鲜计算机程序员，他是涉嫌犯有历史上最昂贵的计算机侵入的犯罪阴谋的一部分。这些侵入造成了众多受害者对计算机系统的损害，并从众多受害者中窃取了货币和虚拟货币。”联邦调查局说。

The agency said that the intrusions caused widespread disruption to businesses and institutions, and personally affected countless individuals.

该机构表示，这些入侵造成了对企业和机构的普遍破坏，并影响了无数个人。

The statement added that Park is part of a group of North Korean hackers who have been indicted by a federal grand jury in the United States for their role in a hacking spree that targeted U.S. banks and institutions.

声明补充说，公园是一群朝鲜黑客的一部分，他们因其在针对美国银行和机构的黑客狂潮中的作用而被美国联邦大陪审团起诉。

The indictment alleges that the hackers stole nearly $1 billion in bitcoin from an exchange in 2014, and attempted to steal $1 billion more.

起诉书称，黑客在2014年的交易所偷走了将近10亿美元的比特币，并试图窃取10亿美元。

The indictment also said that the hackers used ransomware to encrypt the data of several U.S. hospitals, and threatened to delete the data unless they were paid a ransom.

起诉书还说，黑客使用勒索软件来加密几家美国医院的数据，并威胁要删除数据，除非他们获得赎金。

The Treasury Department said that Kim, who is also known as “Maru,” is a subordinate of Park and has been involved in cybercrime activities since at least 2016.

财政部说，金（Kim）也被称为“马鲁（Maru）”，是公园的下属，至少从2016年开始就从事网络犯罪活动。

He is said to have played a key role in developing and deploying malware that was used to steal cryptocurrencies from exchanges and individuals.

据说他在开发和部署用于从交易所和个人中窃取加密货币的恶意软件方面发挥了关键作用。

The statement said that Kim oversaw a group of hackers who used a variety of phishing techniques to compromise user credentials and gain access to exchange accounts.

声明说，金正日监督了一群使用各种网络钓鱼技术来损害用户凭据并获得交换帐户的访问权的黑客。

He is also said to have been involved in laundering the stolen cryptocurrencies through a network of cryptocurrency mixers and exchanges.

据说他还参与了通过加密货币混合器和交流网络来洗涤被盗的加密货币。

“North Korean cyber actors are part of a state-

“朝鲜网络演员是国家的一部分 -