The crypto industry is plagued by an ever-growing number of hackers and scammers who are continuously on the hunt for a new victim, especially now as the market moves with fresh momentum and attracts more investors. Their latest victim? Bittensor, a decentralized AI network, which recently suffered an unusual security breach that led to its suspension.
With the dust from the attack settled, Bittensor conducted a post-mortem on the exploit, uncovering key vulnerabilities that paved the way for the hack.
On July 4, 2024, Bittensor released an announcement that offered some reprieve to the community in light of its recent challenges. The decentralized AI platform assured users that the integrity and security of its network remained robust, promising to take swift measures to secure the network and mitigate potential damage.
They emphasized that they had analyzed the breach and enhanced the security protocols to safeguard against future vulnerabilities. According to their post-mortem report, the attacker exploited a compromised package uploaded to the PyPI package manager, masquerading as a legitimate Bittensor package, to initiate unauthorized fund transfers to their own wallet.
When users downloaded the compromised Bittensor package, a script would send their cold key details to a remote server controlled by the attacker.
At the time of writing, the Opentensor Foundation (OTF) had removed the compromised package from its repository and reviewed other code to ensure no other attack vector remained. OTF also revealed that it is actively working with exchanges, providing them with details of the attack in order to trace the attacker and potentially salvage funds.
Bittensor specified that for completeness and clarity, ‘this attack DID NOT affect’ the blockchain or Subtensor code. They pointed out that the “underlying Bittensor protocol remains uncompromised and secure.”
Despite the concerns raised by the incident, the majority of TAO participants were not directly impacted by the breach, only those using the compromised Bittensor package.
On the official Discord channel, shibshib [т, T] emphasized that additional wallets were not compromised and no further funds were put at risk.
“We are continuing to work on developing a mechanism for securing at-risk funds,” they wrote in their announcement.
While some members of the Bittensor community were vocal about their concerns, others focused on reassuring their peers and highlighting the inherent nature of these systems.
They emphasized how emotional responses, driven by the immediate impacts of incidents, often do not reflect the risks to all involved.
On July 2, on-chain analyst ZachXBT sounded the alarm on an exploit affecting Bittensor, noting that hackers compromised users’ private keys and successfully pocketed over $8 million worth of TAO tokens using complex phishing and keylogging techniques.
Just two hours after the attack, Bittensor also confirmed the attack, with community Discord admin const [т, T] notifying users that the team was actively investigating the attack on user wallets.
“We are investigating, and in an abundance of caution, have recently fully halted transactions on-chain until there is more information available to us about the nature of this attack,” the admin shared.
Following the exploit, Bittensor activated safe mode on their Subtensor, which paused all transactions, including transfers, for at least 24 hours while they investigated the root cause of the attack.
The developer team confirmed they would prioritize solving the issue for the rest of the week. The team announced they would not release any regular software updates or chain updates on either their mainnet or testnet until the chain was fully restored.
Following the breach, the price of Bittensor’s native token, TAO, significantly dropped, plummeting by over 15% as panic set in among investors and users. The sharp decline reflected the immediate loss of confidence in the network’s security.
The trading volume of TAO also saw a sharp increase as users rushed to sell their tokens. Historically, such breaches have led to prolonged market instability, as seen in the aftermath of the DAO attack.
In addition to retail users flocking to liquidate their TAO tokens, the Bittensor community grabbed their pitchforks and demanded accountability from the team.
Many users in the Bittensor community voiced strong reactions to the breach, reflecting their concern and demand for accountability and improved security measures. One user stated, “Where is team with clarity and explanation on this current situation? Staying in the shadows & kicking the can down the road is poor approach from team.”
Another user, dx35, expressed frustration regarding validators on the network, asserting, “I hope the tokens will be burned as a lesson to validators that cannot maintain safety practices and not returned to them.”
While users were understandably frustrated, prominent validators such as the TAO Validator expressed sympathy for the affected and said, “These things, unfortunately, happen in Web3.” The project reiterated that such situations make and break projects and sent well wishes to Bittensor to come out of this situation on top.