EOS大事记，Flash.sx被盗超百万EOS，总价值过亿！事件全程复盘。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

一、EOSX的理财产品金库突然被盗 损失140Weos+50WUSDT！

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

昨日一则内部消息在EOS社区流传开来，EOSX被黑客攻击，理财产品金库被盗，损失约140W EOS和50W USDT！！！EOSX是由EOS Asia和EOS Nation开发的理财项目。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

二、EOSNation火速处理，紧急审查代码漏洞，提出应急方案。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

经过代码审查，确认黑客是通过使用sxVault中的代码缺陷进行Flash借贷攻击的。

EOSNation向黑客公开提出赎金(10w USDT)，承诺如果黑客向官方帐户返还EOS和USDT，10万USDT将发送到黑客选择的帐户中。

这项提议被忽略了，黑客开始将资金转移到多个账户进行混合。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

三、BP召开紧急会议，超级节点参与决策。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

北京时间6点，BP召开紧急会议，21个超级节点参与投票决策。最后以15/21BP协议下，冻结该名黑客帐户(更改关键权限)，然后归还被盗资金。事件解决

四、总结复盘

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

1.出于BP利益的回应？

由干BP的快速响应，该案例通过冻结黑客帐户而得以解决。

但是，SXVault是EOS Nation运营的DeFi服务，由于它符合BP的利益，因此似乎已得到快速解决。而在个人帐户被黑客入侵或其他非BP项目被黑客攻击的更大的事件中，BP能否继续冻结帐户呢？

2.个别BP的缺席

BP召开紧急会议并以15/21BP或更高的协议解决，但一些个别BP没有参加会议。(由于这次会议非常紧急，的确无法保证所有BP参加会议。)

3.需要加强预防黑客攻击，准备应急方案

DeFi黑客案例不仅发生在EOSDApp上，而且还发生在以太坊和BSC等各区块链上。即使进行了多重签名和安全审核。代码也不是100%完美的。因此，需要准备措施和后续措施。

4.黑客入侵时其他区块链的响应情况

Bitcoin:在Binance骇客危机期间，Binance首席执行官CZ并未(也无法)进行类似操作，选择使用其自己的资产基金SAFU基金来补偿黑客所造成的损失。这是为了整个比特币网络的利益而做出的决定。

以太坊(Ethereum):在以太坊DA0被黑客入侵的情况下，以太坊进行了区块链硬分叉以消除黑客破坏。这打乱了以太坊社区，这也是比特币极简主义者仍在批评它的原因之一。

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

五、社区讨论分享

@font-face{ font-family:\"Times New Roman\"; } @font-face{ font-family:\"宋体\"; } @font-face{ font-family:\"Calibri\"; } p.MsoNormal{ mso-style-name:正文; mso-style-parent:\"\"; margin:0pt; margin-bottom:.0001pt; mso-pagination:none; text-align:justify; text-justify:inter-ideograph; font-family:Calibri; mso-fareast-font-family:宋体; mso-bidi-font-family:'Times New Roman'; font-size:10.5000pt; mso-font-kerning:1.0000pt; } span.msoIns{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:underline; text-underline:single; color:blue; } span.msoDel{ mso-style-type:export-only; mso-style-name:\"\"; text-decoration:line-through; color:red; } @page{mso-page-border-surround-header:no; mso-page-border-surround-footer:no;}@page Section0{ } div.Section0{page:Section0;}

作为超级节点之一，我们试图从客观的角度来描述。EOS社区并不希望掩盖此事件并重复相同的问题，我们希望上述问题将得到改善，并且EOS社区将不会分裂，而会成为一个更强大的社区。

BM认为，错误的代码和软件不可避免，因此BM表示，代码不是法律，而是代码的意图。我们会与EOS社区分享与SX Vault事件有关的各种意见。

以上是社群讨论分享，欢迎加入EOS社区，来分享你的意见

电报群：http://t.me/starteos.io

微信群：（群人数已满，添加客服微信，回复3即可拉群）

—-

编译者/作者：Starteos官方

玩币族申明：玩币族作为开放的资讯翻译/分享平台，所提供的所有资讯仅代表作者个人观点，与玩币族平台立场无关，且不构成任何投资理财建议。文章版权归原作者所有。