Phemex分享了從前所未有的入侵中學到的教訓。

即使領導者容易受到在線經營業務的風險。 Phemex是一種混合交易所，具有集中式和雜種最佳流程

Hybrid crypto exchange Phemex has shared some of the key lessons learned from its recent, unprecedented incursion by a serious threat actor.

Hybrid Crypto Exchange Phemex分享了從嚴重威脅行為者最近的前所未有的入侵中學到的一些關鍵課程。

The attack, which occurred at the end of January, saw the hacker, who has a history of crypto hacks and is considered to be extremely sophisticated, gain access to a small portion of Phemex’s hot wallet. The nature of the cyber-attack was complex and difficult to prevent.

這次襲擊發生在1月底，看到了黑客，他有加密貨幣的歷史，被認為是極其複雜的，可以訪問Phemex的一小部分熱錢包。網絡攻擊的性質很複雜且難以預防。

These perpetrators have not been publicly identified by law enforcement, likely reside in a state that supports this kind of action and are probably insulated from any prosecution or other legal action.

這些肇事者尚未被執法部門公開識別，可能存在於支持這種行動的州，並可能與任何起訴或其他法律訴訟隔離開來。

However, despite the technical difficulties posed by the attack and the fact that it was targeted at one of the world’s largest hybrid exchanges, Phemex managed to contain the damage quickly and recover core functionality to users within 24 hours – possibly one of the fastest recoveries from a hack by any established crypto exchange. Following that, Phemex implemented a strict, manual review of deposit and withdrawal transactions to reinforce security and ensure no malicious transactions were being made in the immediate aftermath.

然而，儘管這次攻擊造成了技術困難，並且它是針對世界上最大的混合動力交易所之一的事實，但Phemex還是在24小時內迅速遏制了損害，並在24小時內恢復了核心功能，這可能是任何已建立的Crypto Exchange從黑客中獲得最快的回收之一。在此之後，Phemex對存款和撤回交易進行了嚴格的手動審查，以加強安全性，並確保在直接的後果中不進行惡意交易。

"We want to use this piece to address the incident, talk about how we handled it, and explain what we’ve done to prevent such incidents in the future," says Phemex CEO Federico Variola.

Phemex首席執行官Federico Variola說：“我們想使用此作品來解決這一事件，談論我們如何處理事件，並解釋我們為預防此類事件所做的事情。”

He stressed that, while the attack came from a highly sophisticated threat actor, the vast majority of user funds were never at risk and the exchange covered all users’ losses.

他強調，儘管襲擊來自高度成熟的威脅演員，但絕大多數用戶資金從未受到風險，交易所涵蓋了所有用戶的損失。

"We also resumed core operations as quickly as possible and immediately revamped our hot wallet security infrastructure to greatly minimize these security risks in the future."

“我們還盡快恢復了核心操作，並立即改造了我們的熱錢包安全基礎設施，以極大地降低這些安全風險。”

[uuid]

The hybrid exchange's technical team has designed and implemented a new, more robust hot-wallet security infrastructure.

混合動力交易所的技術團隊設計並實施了一個新的，更強大的熱門安全基礎架構。

"A major lesson we’ve learned and reflected on is that Phemex has grown very fast during the latest bull market and some of our operating procedures lagged behind our growth," Variola says. "This cyber-attack showed that the kind of security measures that may have been serviceable for our previous size are no longer acceptable for our current scale."

Variola說：“我們學到和反思的一個主要教訓是，Phemex在最新的牛市期間的發展很快，我們的一些操作程序落後於我們的增長。” “這種網絡攻擊表明，對於我們以前的規模，可能已經可以使用的安全措施不再是我們當前規模的接受。”

Phemex's new structure is designed with a zero-trust architecture in mind and leverages cutting-edge Enclave technology. This includes AWS Nitro to achieve robust, chip-level security for hot wallets.

Phemex的新結構設計為零信任的體系結構，並利用了尖端的飛地技術。這包括AWS Nitro，以實現可用於熱錢包的強大的芯片級安全性。

While that solves the immediate problem, it wouldn't put Phemex ahead of the hackers. So the team made moves to protect all wallets which any of its users might hold.

雖然解決了直接的問題，但它不會將Phemex置於黑客之前。因此，團隊採取了行動，以保護所有用戶可能擁有的所有錢包。

"We plan to employ a tiered-wallet system with cold wallets," Variola says. "It would also apply to hot wallets – which will hold a much smaller proportion of our funds moving forward."

Variola說：“我們計劃採用帶有冷錢包的分層牆壁系統。” “它也適用於熱錢包 - 這將使我們前進的資金中的一小部分。”

The tiered system also applies to warm wallets, which combine hot wallets' internet connection, speed and efficiency with cold wallets' enhanced security and manual control.

分層系統還適用於溫暖的錢包，該錢包結合了熱錢包的互聯網連接，速度和效率以及冷錢包的增強安全性和手動控制。

Phemex is also increasing the workforce dedicated to infrastructure security, with different teams overseeing separate elements and fewer individuals having access to the entire system. From end to end, every task will be reviewed by industry-leading third parties.

Phemex還增加了專門針對基礎架構安全的勞動力，不同的團隊負責監督單獨的元素，並且更少的人可以訪問整個系統。從頭到尾，每個任務都將通過行業領先的第三方進行審查。

That could slow down the pace of Phemex's service delivery by a step, but Variola's team is convinced it must be done.

這可能會逐步降低Phemex服務交付的步伐，但Variola的團隊堅信必須完成。

"The operations of our exchange will be more complex using the new system, but this cannot be avoided because security is of highest priority," Variola says. "We are extremely confident in the new system and we’re applying for third-party certifications on these security standards."

Variola說：“使用新系統，我們的交易所的運營將更加複雜，但由於安全性是最高的優先級，因此無法避免。” “我們對新系統非常有信心，我們正在申請有關這些安全標準的第三方認證。”