{"id":62924,"date":"2023-12-15T16:35:56","date_gmt":"2023-12-15T07:35:56","guid":{"rendered":"https:\/\/nextmoney.jp\/?p=62924"},"modified":"2023-12-15T16:35:56","modified_gmt":"2023-12-15T07:35:56","slug":"sushiswap%ef%bc%88%e3%82%b9%e3%82%b7%e3%82%b9%e3%83%af%e3%83%83%e3%83%97%ef%bc%89cto-dapps%ef%bc%88%e3%83%80%e3%83%83%e3%83%97%e3%82%b9%ef%bc%89%e3%82%a4%e3%83%b3%e3%82%bf%e3%83%a9%e3%82%af%e3%82%b7","status":"publish","type":"post","link":"https:\/\/nextmoney.jp\/?p=62924","title":{"rendered":"SushiSwap\uff08\u30b9\u30b7\u30b9\u30ef\u30c3\u30d7\uff09CTO =DApps\uff08\u30c0\u30c3\u30d7\u30b9\uff09\u30a4\u30f3\u30bf\u30e9\u30af\u30b7\u30e7\u30f3\u306f\u907f\u3051\u3066\u3068\u8b66\u544a"},"content":{"rendered":"<h2>SushiSwap\uff08\u30b9\u30b7\u30b9\u30ef\u30c3\u30d7\uff09CTO\u304cDApps\u30a4\u30f3\u30bf\u30e9\u30af\u30b7\u30e7\u30f3\u5229\u7528\u306b\u8b66\u544a<\/h2>\n<p>SushiSwap\uff08\u30b9\u30b7\u30b9\u30ef\u30c3\u30d7\uff09\u306e\u30de\u30b7\u30e5\u30fc\u30fb\u30ea\u30ea\u30fc\uff08Matthew Lilly\uff09CTO\uff08\u6700\u9ad8\u6280\u8853\u8cac\u4efb\u8005\uff09\u3001\u6c0f\u306f X\uff08\u65e7Twitter\uff09\u3067\u8b66\u544a\u3057\u3001\u4ed6\u306e\u591a\u304f\u306e dApp\uff08\u5206\u6563\u578b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\uff09\u3067\u4fb5\u5bb3\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u304b\u3089\u3001DApps\uff08\u203bdApp\u306e\u8907\u6570\u5f62\uff09\u3068\u306e\u3084\u308a\u53d6\u308a\u3092\u907f\u3051\u308b\u3088\u3046\u30e6\u30fc\u30b6\u30fc\u306b\u6c42\u3081\u3066\u3044\u308b\u4e8b\u304c\u5206\u304b\u3063\u305f\u3002<\/p>\n<p>\u4eee\u60f3\u901a\u8ca8\u5206\u91ce\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u306f\u983b\u7e41\u306b\u767a\u751f\u3057\u3066\u3044\u308b\u3082\u306e\u306e\u3001\u305d\u308c\u3089\u306f\u5358\u4e00\u306e\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u5206\u96e2\u3055\u308c\u3066\u304a\u308a\u3001\u591a\u304f\u306edApp\u306b\u5bfe\u3059\u308b\u653b\u6483\u304c\u7d99\u7d9a\u3057\u3066\u304a\u308a\u3001\u540c\u6c0f\u306fX\u3092\u901a\u3058\u3066\u6b21\u306e\u3088\u3046\u306b\u8ff0\u3079\u3066\u3044\u308b\u3002<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">&#x1f6a8;&#x1f6a8;&#x1f6a8; RED ALERT &#x1f6a8;&#x1f6a8;&#x1f6a8;: <\/p>\n<p>Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps.<\/p>\n<p>&mdash; I&#39;m Software &#x1f987;&#x1f50a; (@MatthewLilley) <a href=\"https:\/\/twitter.com\/MatthewLilley\/status\/1735275960662921638?ref_src=twsrc%5Etfw\">December 14, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<div class=\"c_box white_box\"><span style=\"font-size: 10pt;\"><span style=\"font-size: 10pt;\">\u65e5\u672c\u8a9e\u8a33\uff1a<br \/>\n\u7dca\u6025\u8b66\u5831:<br \/>\n\u8ffd\u3063\u3066\u901a\u77e5\u304c\u3042\u308b\u307e\u3067\u306f\u3001\u3044\u304b\u306a\u308bdApp\u3082\u64cd\u4f5c\u3057\u306a\u3044\u3067\u304f\u3060\u3055\u3044\u3002\u4e00\u822c\u7684\u306b\u4f7f\u7528\u3055\u308c\u3066\u3044\u308bWeb3\u30b3\u30cd\u30af\u30bf\u304c\u4fb5\u5bb3\u3055\u308c\u3001\u591a\u6570\u306edApp\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u308b\u60aa\u610f\u306e\u3042\u308b\u30b3\u30fc\u30c9\u306e\u633f\u5165\u304c\u53ef\u80fd\u306b\u306a\u3063\u305f\u3088\u3046\u3067\u3059\u3002<\/span><\/span><\/div>\n<p>\u540c\u6c0f\u306f\u5f8c\u306b\u3001Ledger ConnectKit\u3092\u4f7f\u7528\u3059\u308bdApps\u306b\u306f\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u660e\u3089\u304b\u306b\u3057\u305f\u3046\u3048\u3067\u3001\u6b21\u306e\u3088\u3046\u306b<a href=\"https:\/\/twitter.com\/MatthewLilley\/status\/1735279646999040321\" rel=\"noopener noreferrer\" target=\"_blank\">\u8b66\u544a<\/a>\u3057\u3066\u3044\u308b\u3002<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">ANY dApp which makes use of LedgerHQ\/connect-kit is vulnerable. Don&#39;t use ANY dApps until further notice. This isn&#39;t a single isolated attack, it&#39;s a large-scale attack on multiple dApps. <a href=\"https:\/\/t.co\/a3brXNQSx9\">https:\/\/t.co\/a3brXNQSx9<\/a><\/p>\n<p>&mdash; I&#39;m Software &#x1f987;&#x1f50a; (@MatthewLilley) <a href=\"https:\/\/twitter.com\/MatthewLilley\/status\/1735279646999040321?ref_src=twsrc%5Etfw\">December 14, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<div class=\"c_box white_box\"><span style=\"font-size: 10pt;\"><span style=\"font-size: 10pt;\">\u65e5\u672c\u8a9e\u8a33\uff1a<br \/>\nLedgerHQ\/connect-kit\u3092\u5229\u7528\u3059\u308bdApp\u306f\u3059\u3079\u3066\u8106\u5f31\u3067\u3059\u3002\u8ffd\u3063\u3066\u901a\u77e5\u304c\u3042\u308b\u307e\u3067\u306f\u3001dApp\u3092\u4f7f\u7528\u3057\u306a\u3044\u3067\u304f\u3060\u3055\u3044\u3002\u3053\u308c\u306f\u5358\u4e00\u306e\u5358\u72ec\u306e\u653b\u6483\u3067\u306f\u306a\u304f\u3001\u8907\u6570\u306edApp\u306b\u5bfe\u3059\u308b\u5927\u898f\u6a21\u306a\u653b\u6483\u3067\u3059\u3002<\/span><\/span><\/div>\n<p>Web3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f1a\u793e\u306e<a href=\"https:\/\/www.blockaid.io\/\" rel=\"noopener noreferrer\" target=\"_blank\">Blockaid<\/a>\u306f\u3001Ledger ConnectKit\u306b\u5bfe\u3059\u308b\u30b5\u30d7\u30e9\u30a4\u30c1\u30a7\u30fc\u30f3\u653b\u6483\u306e\u53ef\u80fd\u6027\u3092\u7591\u3063\u3066\u304a\u308a\u3001\u6b21\u306e\u3088\u3046\u306b\u8ff0\u3079\u3066\u3044\u308b\u3002<\/p>\n<blockquote><p><strong><em>\u653b\u6483\u8005\u306f\u3001\u30a6\u30a9\u30ec\u30c3\u30c8\u3092\u6392\u51fa\u3059\u308b\u30da\u30a4\u30ed\u30fc\u30c9\u3092\u4eba\u6c17\u306e\u3042\u308bNPM\u30d1\u30c3\u30b1\u30fc\u30b8\u306b\u633f\u5165\u3057\u307e\u3057\u305f\u3002\u3053\u308c\u306f\u73fe\u5728\u3001Hey.xyz \u3084 Sushi.com\u306a\u3069\u3001\u3044\u304f\u3064\u304b\u306e\u4eba\u6c17\u306e\u3042\u308bDapps\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u3066\u3044\u307e\u3059\u3002<\/em><\/strong><\/p><\/blockquote>\n<p><\/br><\/p>\n<h3>\u660e\u78ba\u306b\u306a\u308b\u307e\u3067\u306f\u4eee\u60f3\u901a\u8ca8\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u306e\u5229\u7528\u3092\u907f\u3051\u308b\u3088\u3046\u547c\u3073\u304b\u3051<\/h3>\n<p>Blockaid\u306f\u3001\u904e\u53bb2\u6642\u9593\u3067150,000\u30c9\u30eb\uff08\u7d042,100\u4e07\u5186\uff09\u4ee5\u4e0a\u306e\u8cc7\u91d1\u304c\u5931\u308f\u308c\u305f\u4e8b\u3092\u660e\u3089\u304b\u306b\u3057\u3066\u3044\u308b\u3002<\/p>\n<p>\u307e\u305f\u3001\u30c8\u30fc\u30af\u30f3\u627f\u8a8d\u7ba1\u7406\u30c4\u30fc\u30eb\u3092\u624b\u639b\u3051\u308b<a href=\"https:\/\/revoke.cash\/\" rel=\"noopener noreferrer\" target=\"_blank\">Revoke.cash<\/a>\u3082\u4fb5\u5bb3\u3055\u308c\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3002\u4e00\u65b9\u3067\u3001\u3055\u3089\u306b\u660e\u78ba\u306b\u306a\u308b\u307e\u3067\u306f\u4eee\u60f3\u901a\u8ca8\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u306e\u5229\u7528\u3092\u907f\u3051\u308b\u3088\u3046\u30e6\u30fc\u30b6\u30fc\u306b\u547c\u3073\u304b\u3051\u3066\u3044\u308b\u3002<\/p>\n<p>\u30ea\u30ea\u30fc\u6c0f\u306f\u3001Ledger ConnectKit\u304c\u300c\u3072\u3069\u3044\u5931\u7b56\u306e\u9023\u9396\u300d\u3092\u72af\u3057\u305f\u3068\u8ff0\u3079\u3001\u3053\u306e\u4e8b\u4ef6\u30923\u3064\u306e\u30dd\u30a4\u30f3\u30c8\u306b\u8981\u7d04\u3057\u3001CDN\u304b\u3089JS\u3092\u30ed\u30fc\u30c9\u3057\u3066\u304a\u308a\u3001\u3053\u308c\u3089\u306f\u30d0\u30fc\u30b8\u30e7\u30f3\u30ed\u30c3\u30af\u3055\u308c\u3001\u30ed\u30fc\u30c9\u3055\u308c\u305fJS\u3067\u306f\u306a\u3044\u3002CDN\u304c\u4fb5\u5bb3\u3055\u308c\u305f\u3068\u8ff0\u3079\u3066\u3044\u308b\u3002Ledger\u306f\u3001ConnectKit\u306e\u60aa\u610f\u306e\u3042\u308b\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u7279\u5b9a\u3057\u3066\u524a\u9664\u3057\u305f\u3053\u3068\u3092\u30e6\u30fc\u30b6\u30fc\u306b\u901a\u77e5\u3057\u305f\u3046\u3048\u3067\u3001X\u306b\u3066\u6b21\u306e\u3088\u3046\u306b\u8ff0\u3079\u3066\u3044\u308b\u3002<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">&#x1f6a8;We have identified and removed a malicious version of the Ledger Connect Kit. &#x1f6a8;<\/p>\n<p>A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves. <\/p>\n<p>Your Ledger device and\u2026<\/p>\n<p>&mdash; Ledger (@Ledger) <a href=\"https:\/\/twitter.com\/Ledger\/status\/1735291427100455293?ref_src=twsrc%5Etfw\">December 14, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<div class=\"c_box white_box\"><span style=\"font-size: 10pt;\"><span style=\"font-size: 10pt;\">\u65e5\u672c\u8a9e\u8a33\uff1a<br \/>\nLedger Connect Kit\u306e\u60aa\u610f\u306e\u3042\u308b\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u7279\u5b9a\u3057\u3001\u524a\u9664\u3057\u307e\u3057\u305f\u3002<br \/>\n\u73fe\u5728\u3001\u60aa\u610f\u306e\u3042\u308b\u30d5\u30a1\u30a4\u30eb\u3092\u7f6e\u304d\u63db\u3048\u308b\u305f\u3081\u306b\u6b63\u898f\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u304c\u30d7\u30c3\u30b7\u30e5\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u73fe\u6642\u70b9\u3067\u306fdAp \u3092\u64cd\u4f5c\u3057\u306a\u3044\u3067\u304f\u3060\u3055\u3044\u3002\u72b6\u6cc1\u306e\u9032\u5c55\u306b\u5fdc\u3058\u3066\u304a\u77e5\u3089\u305b\u3044\u305f\u3057\u307e\u3059\u3002<br \/>\nLedger\u30c7\u30d0\u30a4\u30b9\u3068Ledger Live\u306f\u4fb5\u5bb3\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u3002<\/span><\/span><\/div>\n<p>\u306a\u304a\u3001Ledger \u30c7\u30d0\u30a4\u30b9\u3068Ledger Live\u306f\u4fb5\u5bb3\u3055\u308c\u90b8\u5185\u3068\u306e\u3053\u3068\u3060\u3002<\/p>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>SushiSwap\uff08\u30b9\u30b7\u30b9\u30ef\u30c3\u30d7\uff09CTO\u304cDApps\u30a4\u30f3\u30bf\u30e9\u30af\u30b7\u30e7\u30f3\u5229\u7528\u306b\u8b66\u544a SushiSwap\uff08\u30b9\u30b7\u30b9\u30ef\u30c3\u30d7\uff09\u306e\u30de\u30b7\u30e5\u30fc\u30fb\u30ea\u30ea\u30fc\uff08Matthew Lilly\uff09CTO\uff08\u6700\u9ad8\u6280\u8853\u8cac\u4efb\u8005\uff09\u3001\u6c0f\u306f X\uff08\u65e7Twitter\uff09\u3067\u8b66&#8230;<\/p>\n","protected":false},"author":2,"featured_media":11110,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[4297,2948,447,723,5514],"class_list":{"0":"post-62924","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-60","8":"tag-cto","9":"tag-dapps","10":"tag-sushiswap","11":"tag-723","12":"tag-5514"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/posts\/62924","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=62924"}],"version-history":[{"count":1,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/posts\/62924\/revisions"}],"predecessor-version":[{"id":62925,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/posts\/62924\/revisions\/62925"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=\/wp\/v2\/media\/11110"}],"wp:attachment":[{"href":"https:\/\/nextmoney.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=62924"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=62924"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nextmoney.jp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=62924"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}