摘要:多起针对长期未活跃以太坊钱包的异常转账引发行业警报,涉及资产超80万美元。调查指向早期漏洞与跨链路径混淆,警示用户警惕老旧数字资产存储风险。
币圈界报道:
dormant Ethereum wallets targeted in coordinated cyber heist
Recent unauthorized transactions on the Ethereum blockchain have triggered widespread concern, affecting numerous long-inactive wallet addresses. Some impacted accounts had remained dormant for up to fourteen years, resulting in estimated losses of approximately $800,000. Analysts have yet to identify the precise method used, but initial assessments suggest a meticulously crafted digital theft operation leveraging cross-chain protocols to obscure fund movement.
Focus on dormant digital holdings?
The incident stands out due to the prolonged inactivity of most affected wallets, with certain addresses traceable back to 2010 and showing no prior transaction history. Notably, even experienced blockchain users were not immune. Industry experts highlight that these wallets had not interacted with any modern smart contracts or decentralized systems recently. A prominent crypto analyst known as @WazzCrypto on social media reported a surge in alerts regarding dormant wallet compromises.
Hundreds of inactive wallets were emptied by a single address, triggering an abnormal spike in on-chain activity.
How were legacy wallets compromised?
The exact attack vector remains under debate, with speculation centering on leaked private key lists and inherent vulnerabilities in older wallet software versions. Some affected addresses may be linked to historical security incidents. Investigators also found that stolen assets were converted into privacy-focused cryptocurrencies like Monero, alongside various other tokens, indicating potential manual intervention in the laundering process. Interestingly, not all wallets were fully drained—small residual balances remain in several cases.
Stolen funds were distributed across multiple platforms to obfuscate origins. This fragmentation strategy closely mirrors tactics seen in past DeFi-related breaches. Tracking data reveals that 324.7 ETH worth of assets were routed via cross-chain bridges into the Bitcoin ecosystem, while another address retained around $30,000 in ETH and equivalent to 9.56 BTC in diverse digital assets.
Experts warn that outdated security flaws—such as those tied to password managers or package managers—may have indirectly enabled access to these dormant accounts. Additionally, certain transaction automation tools requiring private key import could represent weak points in the security chain.
This wave of incidents has reignited debates over DeFi security standards and serves as a stark reminder of the risks associated with storing significant digital wealth in rarely accessed cryptographic storage solutions. For the broader blockchain community, the event underscores the persistent vulnerability of legacy digital assets.
声明:本站所有文章内容,均为采集网络资源,不代表本站观点及立场,不构成任何投资建议!如若内容侵犯了原著者的合法权益,可联系本站删除。