关注前沿科技 量子位
就离谱,OpenAI 𝕏官号一夜间被挖币的给黑了!
就是刚开设专门发新闻的那个OpenAI Newsroom账号。
深更半夜突然发了这么一条推文:
我们非常高兴宣布推出💲OPENAI:这是一种连接人工智能和区块链技术的代币。所有OpenAI用户都有资格领取一部分💲OPENAI的初始供应。持有💲OPENAI将获得我们未来所有测试程序的访问权限。
随后送上了钓鱼网站链接。
目前这条推文是看不到了,只留下一句:
评论因恶意链接而被关闭。祝大家好运!
不止这个官号,15个月内,OpenAI相关𝕏帐号至少被盗了4个。
OpenAI员工账号最近也都接连遭遇不测。
首席科学家Jakub Pachocki、CTO Mira Murati、研究员Jason Wei的账号全都成为被攻击对象。
看这一毛一样的操作,是同一波人干的没跑儿了。
网友表示,过去12个月内,Jason Wei账号至少被盗了10次。
而这次OpenAI Newsroom账号被黑,距离Jason Wei账号最新一次被黑,仅仅间隔不到两天。
这些推文散播在𝕏上,聚集成了大型吃瓜现场。
在此之余,网友们也为大伙儿捏了把汗,可别真上当了。
我不太理解这里的目标受众是谁。如果这些骗局不起作用,他们应该不会花这么多时间去搞。
但是,究竟是哪些人会同时:1)对加密货币感兴趣;2)了解OpenAI及其高层领导,并且3)能轻易落入这种简单的钱包盗窃陷阱?
马斯克的xAI员工、Grok开发者都忍不住开麦:
祝大家好运!
也有网友为OpenAI感叹:
一次是运气不好 两次就能反映问题了 三次就是系统性的了
网友调侃Ilya创业搞SSI(Safe SuperIntelligence),OpenAI这下成了USI(Unsafe SuperIntelligence):
所以为啥不开2FA(双因素认证)?
或许……2FA都不管用了。
就有网友对这次攻击的运作方式和技术栈进行了分析。
攻击方法分析
以下是Vercel CEO Guillermo Rauch给出的分析。
首先要注意的是,大多数钓鱼网站有一个共同缺点:网站看起来很low。
但这次的钓鱼网站真像那么回事儿,真像是合法网站。
攻击者怎么能做得这么逼真?
注意“data-scrapbook-source”属性。可能是用了某种爬虫工具?
谷歌一下,会发现它出现在许多被报告的钓鱼网站上。它来自一个名为“WebScrapBook”的Chrome扩展,可以立即将网站克隆为静态HTML。
Guillermo Rauch亲自试了一下,表示效果非常好:
我克隆了自己的网站,复制得非常精准。
接下来Guillermo Rauch发现了华点。
HTML中暴露了攻击者抓取的日期:20240619000652144。
如果对其进行解析,结果显示为:2024-06-19T00:06:52.144Z,即三个月前。
这表明他们搞这玩意已经有一段时间了,可能针对的是多名OpenAI员工。
进入服务器堆栈。网站通过@cloudflare托管,理论上这很难追踪到源服务器。
但是,当触发404错误页面时,Guillermo Rauch得到了一些有趣的信息:
pache/2.4.52 (Ubuntu) Server at distribution-openai.com Port 80
为什么有趣?
Guillermo Rauch解释,“Port 80”可能意味着两种情况:
一种可能是他们设置了一个加密的反向隧道连接到Cloudflare(这不常见),或者正好相反,他们可能在大胆尝试直接将${ip}:80作为源。
问题是:如何找到这个源IP地址?
与普遍观点不同,传统CDN并不能真正保护源IP地址,这些IP地址可能会被搜索引擎发现。
该技术涉及在源中查找唯一的字符串,其中有一些很好的候选字符串。例如,CSS id:
这里发现了一个疑似克隆网站,但由于
标签不匹配,这并不是一个完全相同的克隆。</p><p>此外,它与HTML中的土耳其语不相符:</p><blockquote>Videoyu cep telefonunuzda izlemeye devam etmek için QR kodunu tarayın(若要继续在您的手机上观看视频,请扫描QR码)</blockquote><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045942176" alt="" title="" loading="lazy"></p><p>另一个非常有趣的字符串是攻击者意图接收加密货币的钱包地址。</p><p>这个地址并没有直接嵌入到HTML中,而是通过一个令人困惑的加密脚本进行控制,该脚本极力避免被审查,不断触发调试器进入循环。</p><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045942177" alt="" title="" loading="lazy"></p><p>Guillermo Rauch晒出了脚本,表示还没有机会开始反向工程。</p><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045942178" alt="" title="" loading="lazy"></p><p>最后Guillermo Rauch进行了一些反诈经验总结:</p><blockquote>启用<strong>非短信</strong><strong>方式的多因素认证</strong>(MFA) 即便开启了MFA,仍需<strong>对电子邮件保持高度警觉</strong>。现有攻击模式已能窃取MFA验证码 <strong>始终对域名和电子邮件保持警惕</strong>。</blockquote><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045942179" alt="" title="" loading="lazy"></p><p>OpenAI这次被盗号发布钓鱼信息也是给大伙儿提了个醒。</p><p>童鞋们上网可要擦亮眼睛~</p><p>参考链接: [1]<a href="https://link.segmentfault.com/?enc=GKIeSnlJoXYU8o6fJTD7Tg%3D%3D.IjWLxXtVNfPW4CI%2FEESl%2Fyu38e2uXalqnsys9xBPBbsZzBz2KvyV6LzAzSmAzlBRTqCvrw2nrz9eBo5ycBMCEg%3D%3D" rel="nofollow" target="_blank">https://x.com/iScienceLuvr/st...</a> [2]<a href="https://link.segmentfault.com/?enc=HUklLLd6iVn9p3EKqQk84g%3D%3D.LVfi%2FrZO7L5ZaJAmECivkzdrFA7wb1%2FToHYiRp5Mh6pJPUcI8s4Q4T1OxsElmT3Y" rel="nofollow" target="_blank">https://news.ycombinator.com/...</a> [3]<a href="https://link.segmentfault.com/?enc=mDYOL7zwH2lzCYqdUQOaRQ%3D%3D.XKW9xsGl0w188JqeIvWsb9c7t79vAiIQ5a7HDgQ%2FEzd3g0073guQqVxINncD679TZNzcKUw6WHiwXhP3Wy6frA%3D%3D" rel="nofollow" target="_blank">https://x.com/SmokeAwayyy/sta...</a> [4]<a href="https://link.segmentfault.com/?enc=C7G76fHacOqHGEcPWXruww%3D%3D.PFSfeG2SJEDdz9wplnXkOcNEyS1cRVuwlEwUSxHisd2D8qguihfuKHtNGJroU%2F2y" rel="nofollow" target="_blank">https://x.com/rauchg/status/1...</a></p><p>— <strong>完</strong> —</p><p><strong>评选征集中</strong></p><p><strong>「2024人工智能年度评选」</strong></p><p>量子位2024人工智能年度评选已开启报名通道,评选从<strong>企业</strong>、<strong>人物</strong>、<strong>产品</strong>三大维度设立了5类奖项。</p><p><strong>欢迎扫码报名评选!</strong>评选结果将于12月<a href="https://link.segmentfault.com/?enc=QvHI3%2Fd%2BJBGZqOk8zmixNg%3D%3D.V72mek85vxr3rpBnB0KRF05Epd3DZLcLr7oHCdfAwpnAOMtvxQNrdXCrheAFRrCByv2hEzJYVkwQ5y1QiK7iNzgfMc5%2BuLnD5U%2B8z8M2wccRX2GoG3SMd2Llvc49KrEIqXVzXT7klFBrrq%2BuZSDU3h1iEm5NVF3%2B4kS8Jb9EdQWxl5VEmvJbqCmHlyYZZGljiHRnyGhBE6bWSnKffYjqStT97qAhimWYXhdQtfnVzy7VSGeLwA18cd34oD7zrqyTZcWuGtiAZKwD5t8izBI5cQOOPdxJxc0nliFRCVeFrgnPfICiSbf7HiRDuxnA%2BCXB" rel="nofollow" target="_blank">MEET2025智能未来大会</a>公布,期待与数百万从业者共同见证荣誉时刻。</p><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045941925" alt="" title="" loading="lazy"></p><p><strong>一键三连「点赞」、「分享」和「在看」</strong></p><p><strong>科技前沿进展日日相见 ~</strong> </p><p><img referrerpolicy="no-referrer" src="/img/remote/1460000045941533" alt="" title="" loading="lazy"></p></article><div class="d-flex flex-wrap align-items-center "><div class="m-n1 d-flex flex-wrap align-items-center"><a href="/t/%E9%87%8F%E5%AD%90%E4%BD%8D" class="m-1 badge-tag ">量子位</a></div></div><div class="bg-light my-4 p-3"><a class="d-flex align-items-center link-dark" href="https://mp.weixin.qq.com/s/65zpulHvJgr2l_2uAII9Vg" target="_blank" rel="nofollow"><div class="d-flex align-items-center bg-secondary justify-content-center me-3 rounded px-3" style="width:48px;height:48px"><i class="far fa-file-lines fa-lg text-white"></i></div><div class="media-body w-100"><div class="mb-0 fw-bold"><span style="color:#000">本文系<!-- -->转载<!-- -->,阅读原文</span></div><div class="font-size-13 text-secondary text-truncate-1 w-75"><small style="word-break:break-word">https://mp.weixin.qq.com/s/65zpulHvJgr2l_2uAII9Vg</small></div></div></a></div><div id="OA_holder_3" class="OA_holder mt-4" style="display:none"></div><div class="functional-area-bottom text-center my-4 py-3"><div role="group" class="btn-group like-group align-items-center btn-group"><button type="button" class="btn me-2 rounded btn btn-outline-primary"><i class="far fa-thumbs-up"></i><span class="ms-1">赞</span></button><button type="button" class="btn me-2 rounded btn btn-outline-secondary"><i class="far fa-bookmark"></i><span class="ms-1">收藏</span></button><div class="bottom-share-wrap dropdown"><div class="nav-tab-item btn d-flex justify-content-center align-items-center dropdown-toggle" id="react-aria-2" aria-expanded="false"><button type="button" class="btn rounded btn btn-outline-secondary"><i class="far fa-share-nodes"></i><span class="ms-1">分享</span></button></div></div><canvas hidden="" class="qrcode"></canvas></div></div><canvas hidden="" class="qrcode"></canvas><div class="text-secondary font-size-14 mb-4 d-flex flex-wrap justify-content-between"><div><span>阅读 <!-- -->110</span><span class="split-dot"></span><a href="/a/1190000045942154/revision" class="link-secondary"><time dateTime="2024-09-24T03:40:00.000Z" itemProp="datePublished">发布于 <!-- -->2024-09-24 </time></a></div><div class="operation text-end"><div></div></div></div><hr class="mb-0 bg-black bg-opacity-50"/><div class="pt-4 d-flex flex-column flex-md-row"><div class="d-flex flex-fill"><a href="/u/qbitai"><div class="position-relative sflex-center rounded-circle flex-shrink-0 me-3" style="width:64px;height:64px" aria-hidden="true"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_huge128" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div></a><div><a href="/u/qbitai" class="link-dark"><h5 class="d-flex align-items-center mb-1">量子位</h5></a><div class="text-secondary mb-2"><span>53<!-- --> 声望</span><span class="split-dot"></span><span>20k<!-- --> 粉丝</span></div><div class="text-truncate-2"><p>一家专注于人工智能与前沿科技领域的产业服务平台。</p></div></div></div><div class="mt-sm-0 mt-3 d-flex align-items-start flex-shrink-0"><button type="button" class="w-100 btn btn-primary">关注作者</button></div></div><hr class="mb-4 bg-black bg-opacity-50"/><div class="d-flex justify-content-between"><div class="w-50"><div class="text-secondary">« 上一篇</div><a class="text-truncate-1" href="/a/1190000045942142">最新爆料:新模型就在明天!Claude 3.5超大杯成焦点,Gemini官方大佬下场留神秘表情,网友:快打起来</a></div><div class="d-flex flex-column align-items-end w-50"><div class="text-secondary">下一篇 »</div><a class="text-truncate-1" href="/a/1190000045942180">AI太火,量子位今年更缺人了 (含实习)</a></div></div></div></div><div class="d-none d-lg-block col-lg-2"><div class="sticky-outer-wrapper"><div class="sticky-inner-wrapper" style="position:relative;top:0px"><div id="collapseTarget" class="d-none ps-3 border-start w-100 mb-4"><div id="article-nav-list" class="font-size-14 w-100 list-group list-group-flush"></div></div><div id="OA_holder_1" class="OA_holder" style="display:none"></div></div></div></div></div><div id="fixedTools" class="position-fixed d-none " style="right:24px;bottom:24px"><button type="button" class="btn btn-light" title="回顶部">▲</button></div><div class="d-block d-sm-none fix-bottom-action-wrap"><div class="w-100 fixed-bottom-action d-flex align-items-center "><button type="button" aria-label="点赞" class="btn-reset text-center link-dark w-25 btn btn-link"><i class="far fa-thumbs-up"></i></button><button type="button" aria-label="收藏" class="btn-reset text-center link-dark w-25 btn btn-link"><i class="far fa-bookmark"></i></button><a class="text-center link-dark w-25" href="#comment-area"><i class="far fa-message-lines"></i></a><div class="bottom-share-wrap w-25 text-center dropdown"><button type="button" id="react-aria-3" aria-expanded="false" aria-label="分享" class="btn-reset link-dark dropdown-toggle btn btn-link"><i class="far fa-share-nodes"></i></button></div><canvas hidden="" class="qrcode"></canvas></div><canvas hidden="" class="qrcode"></canvas></div></div></div><div class="py-5 blog-comment-wrap container"><div class="row"><div class="mx-auto col-lg-7"><h3 class="text-center mb-4">引用和评论</h3><div class="mb-4 card"><div class="bg-transparent border-bottom-0 card-header"><strong>推荐阅读</strong></div><div class="list-group list-group-flush"><a href="/a/1190000046466983?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046466983?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">全球首个无限时长视频生成!新扩散模型引爆万亿市场,电影级理解,全面开源</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span></p></div></a><a href="/a/1190000046176280?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046176280?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">Claude 3.7成精了!偷偷将OpenAI模型换成自己,卡帕西:迄今最好笑的一趴</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">赞 <!-- -->2</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->1.5k</span></p></div></a><a href="/a/1190000046089707?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046089707?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">苹果把台灯做成机器人!能用动作表达情绪,重新定义机器人交互</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">赞 <!-- -->1</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->15.8k</span></p></div></a><a href="/a/1190000046062903?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046062903?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">DeepSeek-R1持续刷屏,连Open R1都来了!抱抱脸发起,1天狂揽1.9k星</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">赞 <!-- -->1</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->1.8k</span></p></div></a><a href="/a/1190000046088419?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046088419?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">苹果把台灯做成机器人!能用动作表达情绪,重新定义机器人交互</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">赞 <!-- -->1</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->4.1k</span></p></div></a><a href="/a/1190000046065980?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046065980?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">“DeepSeek甚至绕过了CUDA”,论文细节再引热议,工程师灵魂提问:英伟达护城河还在吗?</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->3.6k</span></p></div></a><a href="/a/1190000046134519?utm_source=sf-similar-article" data-rr-ui-event-key="/a/1190000046134519?utm_source=sf-similar-article" class="d-flex align-items-center border-0 list-group-item list-group-item-action"><div class="position-relative sflex-center rounded-circle flex-shrink-0 " style="width:38px;height:38px"><img src="https://avatar-static.segmentfault.com/300/500/3005009080-67569becde4f1_big64" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="ms-3"><h6 class="mb-1 text-break text-body fw-bold">一夜之间,萝卜快跑拿掉了所有安全员</h6><p class="d-flex align-items-center font-size-14 mb-0"><span class="text-secondary">量子位</span><span class="split-dot"></span><span class="text-secondary">赞 <!-- -->1</span><span class="split-dot"></span><span class="text-secondary">阅读 <!-- -->942</span></p></div></a></div></div><div id="comment-area" class="comment-wrap card"><div class="d-flex align-items-center justify-content-between bg-transparent border-0 card-header"><strong>0<!-- --> 条评论</strong><div aria-label="Basic" role="group" class="btn-group"><a role="button" tabindex="0" href="/a/1190000045942154?sort=votes" class="btn btn-secondary btn-sm">得票</a><a role="button" tabindex="0" href="/a/1190000045942154?sort=newest" class="btn btn-outline-secondary btn-sm">最新</a></div></div><div class="card-body"><div class="mb-4 media"><div class="position-relative sflex-center rounded-circle flex-shrink-0 me-3" style="width:38px;height:38px" aria-hidden="true"><img src="https://image-static.segmentfault.com/317/931/3179314346-5f61e47221e07" alt="头像" class="w-100 h-100 position-absolute left-0 top-0 rounded-circle bg-white"/></div><div class="media-body"><div class="mb-3"><div class="mentions-wrap dropdown"><textarea rows="3" placeholder="撰写评论 …" aria-label="评论" class="comment-text form-control"></textarea><div class="invalid-feedback"></div><div class="dropdown-toggle"></div></div></div><div class="d-flex justify-content-end align-items-center"><button type="button" aria-label="提示" class="me-3 btn-reset link-secondary btn btn-link"><i class="far fa-circle-info"></i></button><button type="button" aria-label="提示" class="me-3 btn-reset link-secondary btn btn-link"><i class="far fa-face-laugh"></i></button><button type="button" disabled="" class="float-end btn btn-primary">提交评论</button></div><div role="alert" class="fade mt-3 my-0 font-size-14 alert alert-info show">评论支持部分 Markdown 语法:<code>**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用</code>。你还可以使用 <code>@ </code>来通知其他用户。</div></div></div><div class="comment-body-wrap d-none"></div></div></div></div></div></div><footer class="d-none d-sm-block bg-white py-5 border-top"><div class="text-center text-secondary mb-1">©<!-- -->2025<!-- --> <!-- -->量子位技术号</div><div class="text-center text-secondary font-size-14">除特别声明外,<a target="_blank" class="link-secondary" href="https://creativecommons.org/licenses/by-nc-nd/4.0/">作品采用《署名-非商业性使用-禁止演绎 4.0 国际》进行许可</a></div><div class="d-flex justify-content-center my-4"><a role="button" tabindex="0" href="/blogs" class="d-flex align-items-center rounded btn btn-light"><svg width="16" height="16" viewBox="0 0 28 28" fill="none" xmlns="http://www.w3.org/2000/svg" class="me-2 text-primary"><title>SF使用 SegmentFault 发布