Io.net 针对 SQL 注入攻击快速采取行动，保障 GPU 网络安全

为了应对针对 GPU 元数据的 SQL 注入攻击，Io.net 的首席安全官 Husky.io 宣布加强安全措施，并计划进行网络广播演示实时系统恢复。尽管遭到攻击，GPU 硬件仍然安全，网络完整性也得到保留。

Io.net's Swift Response to SQL Injection Attack Ensures GPU Network Integrity

Io.net 对 SQL 注入攻击的快速响应确保 GPU 网络完整性

In a major cybersecurity incident that tested the resilience of its decentralized physical infrastructure network (DePIN), Io.net swiftly implemented robust security measures to mitigate the impact of a SQL injection attack that compromised GPU metadata.

在一次测试其去中心化物理基础设施网络 (DePIN) 弹性的重大网络安全事件中，Io.net 迅速实施了强大的安全措施，以减轻 SQL 注入攻击损害 GPU 元数据的影响。

Rapid Response and System Recovery

快速响应和系统恢复

Upon detecting the attack at 1:05 a.m. PST on April 25, Io.net's Chief Security Officer, Husky.io, immediately initiated corrective actions to strengthen security and safeguard the network. The quick response prevented the malicious actors from compromising the actual GPU hardware, ensuring the integrity of Io.net's extensive network.

太平洋标准时间 4 月 25 日凌晨 1:05 检测到攻击后，Io.net 首席安全官 Husky.io 立即启动纠正措施，以加强安全并保护网络。快速响应阻止了恶意行为者损害实际 GPU 硬件，确保了 Io.net 广泛网络的完整性。

Strengthened Security Measures

加强安全措施

To enhance security, Io.net implemented several measures, including:

为了增强安全性，Io.net 实施了多项措施，包括：

• Added SQL injection checks to APIs
• Improved monitoring of unauthorized attempts
• Deployed a user-specific authentication solution based on Auth0 and OKTA to address vulnerabilities in universal authorization tokens

Mitigation of Impact

向 API 添加了 SQL 注入检查改进了对未经授权尝试的监控部署了基于 Auth0 和 OKTA 的特定于用户的身份验证解决方案，以解决通用授权令牌中的漏洞减轻影响

While the security updates coincided with a snapshot of the rewards program, resulting in a temporary dip in supply-side participation, Io.net proactively launched Ignition Rewards Season 2 in May to address these challenges. Ongoing efforts include working with vendors to upgrade, restart, and reconnect equipment to the network.

虽然安全更新与奖励计划的快照同时发生，导致供应方参与度暂时下降，但 Io.net 在 5 月份主动推出了 Ignition 奖励第 2 季来应对这些挑战。持续的努力包括与供应商合作升级、重启设备并将其重新连接到网络。

Exposure of API Vulnerabilities

API漏洞曝光

The attack highlighted vulnerabilities in Io.net's API, prompting intensive countermeasures. The attackers exploited a flaw in an API used to display items in the input/output explorer, inadvertently revealing user IDs when searching for device IDs. This exposed information was gathered into a database weeks before the incident.

这次攻击凸显了 Io.net API 中的漏洞，促使人们采取密集的对策。攻击者利用了用于在输入/输出资源管理器中显示项目的 API 中的缺陷，在搜索设备 ID 时无意中泄露了用户 ID。这些暴露的信息在事件发生前几周被收集到数据库中。

Prevention and Detection

预防与检测

Husky.io emphasized the critical importance of ongoing detailed assessments and penetration tests on public endpoints to identify and neutralize attacks early on. Io.net is committed to continuous security enhancements to safeguard its network and ensure the reliability of its services.

Husky.io 强调了对公共端点进行持续详细评估和渗透测试以尽早识别和消除攻击的至关重要性。 Io.net 致力于持续增强安全性，以保护其网络并确保其服务的可靠性。

Continued Supply-Side Engagement

供应方持续参与

Despite the incident, Io.net remains focused on fostering supply-side engagement and restoring network connections. The platform continues to service tens of thousands of compute hours monthly, providing critical computing resources for a wide range of applications.

尽管发生了这一事件，Io.net 仍然专注于促进供应方参与和恢复网络连接。该平台每月继续为数万个计算小时提供服务，为广泛的应用程序提供关键的计算资源。

Planned Webcast for Live System Recovery

计划进行实时系统恢复的网络广播

To further demonstrate its commitment to transparency and network resilience, Io.net has announced a planned webcast where experts will showcase live system recovery processes. This event will provide valuable insights into the company's security protocols and disaster recovery procedures.

为了进一步展示其对透明度和网络弹性的承诺，Io.net 宣布计划进行网络广播，专家将展示实时系统恢复流程。此次活动将为公司的安全协议和灾难恢复程序提供宝贵的见解。

Conclusion

结论

Io.net's swift response to the SQL injection attack serves as a testament to the company's commitment to protecting its network and preserving the integrity of its platform. Through rigorous security measures, ongoing security assessments, and proactive vendor collaboration, Io.net continues to provide a robust and secure infrastructure for its diverse customer base.

Io.net 对 SQL 注入攻击的快速响应证明了该公司致力于保护其网络和维护其平台完整性的承诺。通过严格的安全措施、持续的安全评估和积极的供应商协作，Io.net 继续为其多元化的客户群提供强大且安全的基础设施。