Phemex分享了从前所未有的入侵中学到的教训。

即使领导者容易受到在线经营业务的风险。 Phemex是一种混合交易所，具有集中式和杂种最佳流程

Hybrid crypto exchange Phemex has shared some of the key lessons learned from its recent, unprecedented incursion by a serious threat actor.

Hybrid Crypto Exchange Phemex分享了从严重威胁行为者最近的前所未有的入侵中学到的一些关键课程。

The attack, which occurred at the end of January, saw the hacker, who has a history of crypto hacks and is considered to be extremely sophisticated, gain access to a small portion of Phemex’s hot wallet. The nature of the cyber-attack was complex and difficult to prevent.

这次袭击发生在1月底，看到了黑客，他有加密货币的历史，被认为是极其复杂的，可以访问Phemex的一小部分热钱包。网络攻击的性质很复杂且难以预防。

These perpetrators have not been publicly identified by law enforcement, likely reside in a state that supports this kind of action and are probably insulated from any prosecution or other legal action.

这些肇事者尚未被执法部门公开识别，可能存在于支持这种行动的州，并可能与任何起诉或其他法律诉讼隔离开来。

However, despite the technical difficulties posed by the attack and the fact that it was targeted at one of the world’s largest hybrid exchanges, Phemex managed to contain the damage quickly and recover core functionality to users within 24 hours – possibly one of the fastest recoveries from a hack by any established crypto exchange. Following that, Phemex implemented a strict, manual review of deposit and withdrawal transactions to reinforce security and ensure no malicious transactions were being made in the immediate aftermath.

然而，尽管这次攻击造成了技术困难，并且它是针对世界上最大的混合动力交易所之一的事实，但Phemex还是在24小时内迅速遏制了损害，并在24小时内恢复了核心功能，这可能是任何已建立的Crypto Exchange从黑客中获得最快的回收之一。在此之后，Phemex对存款和撤回交易进行了严格的手动审查，以加强安全性，并确保在直接的后果中不进行恶意交易。

"We want to use this piece to address the incident, talk about how we handled it, and explain what we’ve done to prevent such incidents in the future," says Phemex CEO Federico Variola.

Phemex首席执行官Federico Variola说：“我们想使用此作品来解决这一事件，谈论我们如何处理事件，并解释我们为预防此类事件所做的事情。”

He stressed that, while the attack came from a highly sophisticated threat actor, the vast majority of user funds were never at risk and the exchange covered all users’ losses.

他强调，尽管袭击来自高度成熟的威胁演员，但绝大多数用户资金从未受到风险，交易所涵盖了所有用户的损失。

"We also resumed core operations as quickly as possible and immediately revamped our hot wallet security infrastructure to greatly minimize these security risks in the future."

“我们还尽快恢复了核心操作，并立即改造了我们的热钱包安全基础设施，以极大地降低这些安全风险。”

[uuid]

The hybrid exchange's technical team has designed and implemented a new, more robust hot-wallet security infrastructure.

混合动力交易所的技术团队设计并实施了一个新的，更强大的热门安全基础架构。

"A major lesson we’ve learned and reflected on is that Phemex has grown very fast during the latest bull market and some of our operating procedures lagged behind our growth," Variola says. "This cyber-attack showed that the kind of security measures that may have been serviceable for our previous size are no longer acceptable for our current scale."

Variola说：“我们学到和反思的一个主要教训是，Phemex在最新的牛市期间的发展很快，我们的一些操作程序落后于我们的增长。” “这种网络攻击表明，对于我们以前的规模，可能已经可以使用的安全措施不再是我们当前规模的接受。”

Phemex's new structure is designed with a zero-trust architecture in mind and leverages cutting-edge Enclave technology. This includes AWS Nitro to achieve robust, chip-level security for hot wallets.

Phemex的新结构设计为零信任的体系结构，并利用了尖端的飞地技术。这包括AWS Nitro，以实现可用于热钱包的强大的芯片级安全性。

While that solves the immediate problem, it wouldn't put Phemex ahead of the hackers. So the team made moves to protect all wallets which any of its users might hold.

虽然解决了直接的问题，但它不会将Phemex置于黑客之前。因此，团队采取了行动，以保护所有用户可能拥有的所有钱包。

"We plan to employ a tiered-wallet system with cold wallets," Variola says. "It would also apply to hot wallets – which will hold a much smaller proportion of our funds moving forward."

Variola说：“我们计划采用带有冷钱包的分层墙壁系统。” “它也适用于热钱包 - 这将使我们前进的资金中的一小部分。”

The tiered system also applies to warm wallets, which combine hot wallets' internet connection, speed and efficiency with cold wallets' enhanced security and manual control.

分层系统还适用于温暖的钱包，该钱包结合了热钱包的互联网连接，速度和效率以及冷钱包的增强安全性和手动控制。

Phemex is also increasing the workforce dedicated to infrastructure security, with different teams overseeing separate elements and fewer individuals having access to the entire system. From end to end, every task will be reviewed by industry-leading third parties.

Phemex还增加了专门针对基础架构安全的劳动力，不同的团队负责监督单独的元素，并且更少的人可以访问整个系统。从头到尾，每个任务都将通过行业领先的第三方进行审查。

That could slow down the pace of Phemex's service delivery by a step, but Variola's team is convinced it must be done.

这可能会逐步降低Phemex服务交付的步伐，但Variola的团队坚信必须完成。

"The operations of our exchange will be more complex using the new system, but this cannot be avoided because security is of highest priority," Variola says. "We are extremely confident in the new system and we’re applying for third-party certifications on these security standards."

Variola说：“使用新系统，我们的交易所的运营将更加复杂，但由于安全性是最高的优先级，因此无法避免。” “我们对新系统非常有信心，我们正在申请有关这些安全标准的第三方认证。”