{"id":406575,"date":"2022-10-10T11:25:55","date_gmt":"2022-10-10T13:25:55","guid":{"rendered":"https:\/\/teknomers.com\/fr\/des-pirates-informatiques-volent-100-millions-de-dollars-de-crypto-monnaie-a-binance-bridge\/"},"modified":"2022-10-10T11:25:56","modified_gmt":"2022-10-10T13:25:56","slug":"des-pirates-informatiques-volent-100-millions-de-dollars-de-crypto-monnaie-a-binance-bridge","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/des-pirates-informatiques-volent-100-millions-de-dollars-de-crypto-monnaie-a-binance-bridge\/","title":{"rendered":"Des pirates informatiques volent 100 millions de dollars de crypto-monnaie \u00e0 Binance Bridge"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>BNB Chain, une blockchain li\u00e9e \u00e0 l&#8217;\u00e9change de crypto-monnaie Binance, a r\u00e9v\u00e9l\u00e9 un exploit sur un pont inter-cha\u00eenes qui a drain\u00e9 environ 100 millions de dollars d&#8217;actifs num\u00e9riques.<\/p>\n<p>&#8220;Il y a eu un exploit affectant le pont inter-cha\u00eene natif entre BNB Beacon Chain (BEP2) et BNB Smart Chain (BEP20 ou BSC), connu sous le nom de&#8221; BSC Token Hub &#8220;&#8221;, il <a rel=\"nofollow noopener\" href=\"https:\/\/www.bnbchain.org\/en\/blog\/bnb-chain-ecosystem-update\/\" target=\"_blank\">a dit<\/a> La semaine derni\u00e8re.  &#8220;L&#8217;exploit \u00e9tait \u00e0 travers une forge sophistiqu\u00e9e de la preuve de bas niveau dans une biblioth\u00e8que commune.&#8221;<\/p>\n<p>Selon le PDG de Binance, Changpeng Zhao, l&#8217;exploit sur le pont inter-cha\u00eenes &#8220;<a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/cz_binance\/status\/1578171072067031042\" target=\"_blank\">a g\u00e9n\u00e9r\u00e9 des BNB suppl\u00e9mentaires<\/a>&#8220;, incitant un <a rel=\"nofollow noopener\" href=\"https:\/\/www.reddit.com\/r\/bnbchainofficial\/comments\/xxjkpy\/temporary_pause_of_bsc\/\" target=\"_blank\">Suspension temporaire<\/a> de la cha\u00eene intelligente Binance (BSC).<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/strike-d\" target=\"_blank\" title=\"DevOps backupy\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/08\/La-nouvelle-vulnerabilite-Amazon-Ring-aurait-pu-exposer-tous-vos.png\" width=\"300\" height=\"250\" \/><\/a><\/div>\n<p>&#8220;BNB, qui signifie&#8221; Build and Build &#8220;(anciennement appel\u00e9 Binance Coin), est le jeton de gaz blockchain qui&#8221; alimente &#8220;les transactions sur la cha\u00eene BNB&#8221;, Binance <a rel=\"nofollow noopener\" href=\"https:\/\/www.binance.com\/en\/blog\/ecosystem\/introducing-bnb-chain-the-evolution-of-binance-smart-chain-421499824684903436\" target=\"_blank\">c&#8217;est not\u00e9<\/a> plus t\u00f4t en f\u00e9vrier.<\/p>\n<p>Aucun fonds d&#8217;utilisateur n&#8217;aurait \u00e9t\u00e9 affect\u00e9, car la vuln\u00e9rabilit\u00e9 du pont BSC Token Hub a permis \u00e0 l&#8217;attaquant inconnu de cr\u00e9er de nouveaux jetons BNB de mani\u00e8re non autoris\u00e9e.<\/p>\n<p>Alors que le piratage impliquait le retrait de deux millions de BNB en deux transactions, la suspension de la cha\u00eene a emp\u00each\u00e9 le vol de pr\u00e8s de 430 millions de dollars en crypto, la soci\u00e9t\u00e9 de s\u00e9curit\u00e9 blockchain SlowMist <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/SlowMist_Team\/status\/1578220472373649408\" target=\"_blank\">a dit<\/a>.<\/p>\n<p>C&#8217;est le <a rel=\"nofollow noopener\" href=\"https:\/\/rekt.news\/bnb-bridge-rekt\/\" target=\"_blank\">dernier<\/a> dans une s\u00e9rie de <a rel=\"nofollow noopener\" href=\"https:\/\/www.certik.com\/resources\/blog\/70o3UkC4JbLtyVR8hXpPxJ-september-stats-graph\" target=\"_blank\">incidents majeurs<\/a> ciblant les ponts inter-cha\u00eenes &#8211; qui facilitent le transfert d&#8217;actifs entre les blockchains &#8211; cette ann\u00e9e, apr\u00e8s celui d&#8217;Axie Infinity, Harmony Horizon Bridge et Nomad Bridge.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowd-mid-d\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/10\/Des-pirates-informatiques-volent-100-millions-de-dollars-de-crypto-monnaie.png\" width=\"728\" height=\"90\" \/><\/a><\/div>\n<p>La soci\u00e9t\u00e9 d&#8217;analyse de la blockchain Chainalysis, en ao\u00fbt, <a rel=\"nofollow noopener\" href=\"https:\/\/blog.chainalysis.com\/reports\/cross-chain-bridge-hacks-2022\/\" target=\"_blank\">estim\u00e9<\/a> que 2 milliards de dollars de crypto-monnaie avaient \u00e9t\u00e9 vol\u00e9s lors de 13 attaques de ponts inter-cha\u00eenes, repr\u00e9sentant 69% du total des fonds vol\u00e9s en 2022.<\/p>\n<p>Le d\u00e9veloppement vient \u00e9galement en tant que soci\u00e9t\u00e9 de cybers\u00e9curit\u00e9 Bitdefender <a rel=\"nofollow noopener\" href=\"https:\/\/www.bitdefender.com\/blog\/labs\/side-loading-onedrive-for-profit-cryptojacking-campaign-detected-in-the-wild\/\" target=\"_blank\">r\u00e9v\u00e9l\u00e9<\/a> d\u00e9tails d&#8217;une campagne de cryptojacking qui exploite les vuln\u00e9rabilit\u00e9s connues de chargement lat\u00e9ral de DLL dans Microsoft OneDrive pour \u00e9tablir la persistance et d\u00e9ployer un logiciel de crypto-minage.<\/p>\n<p>Dans un d\u00e9veloppement connexe, Trend Micro a r\u00e9v\u00e9l\u00e9 qu&#8217;un acteur malveillant surnomm\u00e9 Water Labbu ciblait 45 sites Web frauduleux bas\u00e9s sur la cryptographie exploit\u00e9s par <a rel=\"nofollow noopener\" href=\"https:\/\/www.ic3.gov\/Media\/Y2022\/PSA220721\" target=\"_blank\">autres criminels<\/a> d\u00e9tourner les fonds des victimes vers un portefeuille sous leur contr\u00f4le.<\/p>\n<p>&#8220;De mani\u00e8re parasitaire, l&#8217;acteur de la menace a compromis les sites Web d&#8217;autres escrocs se faisant passer pour une application d\u00e9centralis\u00e9e (DApp) et leur a inject\u00e9 du code JavaScript malveillant&#8221;, a d\u00e9clar\u00e9 la soci\u00e9t\u00e9. <a rel=\"nofollow noopener\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/j\/water-labbu-abuses-malicious-dapps-to-steal-cryptocurrency.html\" target=\"_blank\">a dit<\/a> dans une analyse la semaine derni\u00e8re.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/10\/hackers-steal-100-million.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>BNB Chain, une blockchain li\u00e9e \u00e0 l&#8217;\u00e9change de crypto-monnaie Binance, a r\u00e9v\u00e9l\u00e9 un exploit sur un pont inter-cha\u00eenes qui a drain\u00e9 environ 100 millions de dollars d&#8217;actifs num\u00e9riques. &#8220;Il y a eu un exploit affectant le pont inter-cha\u00eene natif entre BNB Beacon Chain (BEP2) et BNB Smart Chain (BEP20 ou BSC), connu sous le nom [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":406576,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[22369,12732,4168,1966,4158,4165,4161,133,2414,8154,4157,4159,4171,4170,4167,1610,4160,4163,4162,4394,4172,4169,4166,21353,4164],"class_list":["post-406575","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-binance","tag-bridge","tag-comment-pirater","tag-cryptomonnaie","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-des","tag-dollars","tag-informatiques","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-logiciel-malveillant-de-ransomware","tag-millions","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-pirates","tag-securite-informatique","tag-securite-internet","tag-violation-de-donnees","tag-volent","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/406575","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=406575"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/406575\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/406576"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=406575"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=406575"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=406575"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}