Bittensor, an AI-focused blockchain project, recently disclosed details of a security breach that resulted in a loss of at least $8 million worth of its native token, TAO. 

The incident temporarily suspended network operations just a month after a similar breach, costing the project $11 million. Bittensor has now released a detailed report outlining the nature and cause of the recent exploit.

Root Causes of Bittensor’s Wallet Hack

The report identifies the root cause of the attack as a malicious package in the PyPi Package Manager version 6.12.2. The compromised package contained code designed to steal unencrypted coldkey details. 

When users downloaded this package and decrypted their coldkeys, the decrypted bytecode was transmitted to a remote server controlled by the attacker. This vulnerability primarily affected users who downloaded the Bittensor PyPi package between May 22 and May 29 and performed operations involving the decryption of hotkeys or coldkeys.

The attack timeline indicates that the attacker initiated fund transfers to their wallet, which was promptly detected by the Opentensor Foundation (OTF). A response team, referred to as a “war room,” was established to address the situation. The attack was neutralized by placing the Opentensor chain validators behind a firewall and activating safe mode. This halted all transactions and allowed for a detailed analysis of the breach.

Security Precautions and Immediate Actions

In response to the attack, the OTF team took immediate steps to mitigate the damage. This included removing the malicious 6.12.2 package from the PyPi Package Manager repository. Additionally, Bittensor has collaborated with several cryptocurrency exchanges to provide attack details, trace the attacker, and attempt to recover the stolen funds.

Bittensor is implementing several measures to enhance security and prevent future incidents. These include stricter access and verification processes for packages uploaded to PyPi, increased frequency of security audits, adherence to best practices in public security policies, and improved monitoring and logging of package uploads and downloads. 

Moreover, the Bittensor team advises users to upgrade to the latest version of Bittensor to create new wallets and transfer funds once the blockchain resumes normal operations.

Resumption of Operations and Ongoing Investigations

As the code review process nears completion, Opentensor plans to gradually resume normal operations of the Bittensor blockchain. This phased approach ensures that all security vulnerabilities have been addressed before allowing transactions to flow again. The Bittensor team remains committed to investigating the breach further with the PyPi maintainers and implementing additional security enhancements to prevent future incidents.

At the time of writing, TAO is trading at $201, reflecting a decline of over 10% in the past 24 hours, per CoinMarketCap data. Despite this recent downturn, the token has achieved substantial gains of more than 386% year-to-date.

Victor Muriki

LinkedIn Twitter WhatsApp

Victor Muriki is an esteemed writer focused on cryptocurrency and finance, holding a Bachelor's in Actuarial Science. Known for his sharp analysis and insightful content, he has a strong command of English and is skilled at conducting in-depth research and ensuring timely delivery.

Related Posts

Author by
Victor Muriki
Author by
Wilfred Michael

sidebar