Raws li kev tshawb fawb tsis ntev los no, Metamask crypto hnab nyiaj cov neeg siv yuav muaj kev pheej hmoo ntawm kev poob tag nrho lawv cov cuab tam digital lossis txawm tias muaj kev hem thawj rau lub cev. Tus kws tshuaj ntsuam xyuas kev nyab xeeb thiab tus kws sau nyiaj txiag Alexandru Lupascu, tus tsim ntawm OMNIA raws tu qauv, pom qhov tsis zoo no hauv lub hnab nyiaj nrov Web 3.0.
Yuav ua li cas puas tsuaj?
Lupascu pom tias pawg neeg phem tuaj yeem tsim lub cim tsis zoo (NFT) thiab tau txais tus neeg siv tus IP chaw nyob los ntawm kev hloov cov tswv cuab dawb ntawm cov duab kos duab. Ib tug hacker yuav tsum tau siv tsawg li $50 los tua ib tug neeg tus kheej. Nws hais tias, "Tsis txhob kwv yees qhov kev pheej hmoo cuam tshuam nrog IP xau."
Lupascu tau hais ntxiv tias "yog tias cov neeg ua phem ua phem tau txais cov ntaub ntawv ntau ntxiv los ntawm IP chaw nyob (xav tias qhov chaw nyob, GSM cov cab kuj, thiab lwm yam), lawv tuaj yeem ua rau muaj kev pheej hmoo ntawm lub cev, xws li kev nyiag khoom."
Tsis tas li ntawd, qhov kev tawm tsam no tuaj yeem ua "ua rau muaj kev puas tsuaj ntau dua li Distributed Denial of Service (DDoS) nres," raws li tus kws tshaj lij cryptographer. Rau qhov kev sib piv yooj yim, qhov kev tawm tsam no tuaj yeem yog yim npaug ntau dua li Mirai botnet nres thaum Lub Kaum Hli 2016 uas tau tshem tawm Twitter, Reddit, Spotify, GitHub, Netflix, Airbnb thiab ntau lub vev xaib nrov.
Alexandru tau luam tawm tag nrho ncig saib yuav ua li cas qhov kev tawm tsam ua tiav, los ntawm minting NFT kom hloov mus rau tus neeg raug tsim txom kom tau txais IP chaw nyob thiab thaum kawg, cuam tshuam txog kev ceev ntiag tug lossis txawm nyiag lawv cov cuab tam crypto. Nws tau sim qhov kev tawm tsam no ntawm iOS Metamask app version 3.7.0, tab sis nws kuj yuav zoo ib yam rau Android version. Nws minted NFT ntawm OpenSea, qhov loj tshaj plaws NFT kev lag luam, thiab kho ERC-1155 tus qauv ntse daim ntawv cog lus nrog remix Ethereum IDE.
Lawv puas kho nws?
Raws li Lupascu, nws tau pom thiab hais txog qhov tsis txaus ntseeg kev nyab xeeb rau pab pawg Metamask thaum Lub Kaum Ob Hlis 14, 2021, tab sis lawv tsis saib xyuas thiab teb los daws qhov teeb meem no los ntawm Q2 2022. Nws hais tias, "Rau peb, nws tsis tuaj yeem tso cai tawm ntawm tus neeg siv loj li no. lub hauv paus muaj kev pheej hmoo rau ntev heev, tshwj xeeb tshaj yog tias qhov no tau paub ua ntej, raws li lawv hais. "
Tom qab qhov kev tshawb fawb no tau qhia rau pej xeem, Daniel Finlay, uas yog tus tsim ntawm Metamask, txais, "Kuv xav tias qhov teeb meem no tau paub dav dav rau lub sijhawm ntev, yog li kuv tsis xav tias yuav siv sijhawm qhia tawm."
Finlay hais ntxiv tias, “Alex muaj cai hu rau peb kom tsis hais nws sai dua. Pib ua hauj lwm rau nws tam sim no. Ua tsaug rau qhov ncaws hauv lub ris, thiab thov txim peb xav tau nws. "
Tsis txhob hnov qab, ConsenSys, Metamask lub tuam txhab niam txiv, tau tsa $ 200 lab nrog Metamask tshaj 21 lab tus neeg siv txhua hli hauv lub Kaum Ib Hlis 2021. Lub hnab nyiaj crypto nrov tshaj plaws kuj tseem siv los ua lub rooj vag rau 3,700 Web 3.0 decentralized applications (dApps).
Koj xav li cas txog cov ncauj lus no? Sau ntawv rau peb thiab qhia rau peb!
Disclaimer
Txhua yam ntaub ntawv muaj nyob hauv peb lub vev xaib raug tshaj tawm hauv kev ntseeg zoo thiab rau cov ncauj lus dav dav xwb. Txhua yam kev ua txhaum ntawm tus nyeem ntawv yuav siv raws li cov xov xwm pom ntawm peb lub vev xaib yog nruj ntawm lawv tus kheej txoj kev pheej hmoo.
Tau qhov twg los: https://beincrypto.com/critical-vulnerability-found-that-could-put-21m-metamask-users-data-at-risk/