
Bittensor Hack: Post-Mortem Exposes Key Vulnerabilities That Led to $8M Exploit

Last Updated July 8, 2024 8:20 AM
By Lorena Nessi
Verified by Insha Zia

Key Takeaways

  • Hackers stole millions in TAO tokens, prompting Bittensor to halt all transactions for investigation.
  • The breach led to a massive drop in TAO’s price and sparked community reactions.
  • Bittensor released a post-mortem report of the exploit.

The crypto industry is plagued by an ever-growing number of hackers and scammers who are continuously on the hunt for a new victim, especially now as the market moves with fresh momentum and attracts more investors. Their latest victim? Bittensor, a decentralized AI network, which recently suffered an unusual security breach that led to its suspension.

With the dust from the attack settled, Bittensor conducted a post-mortem on the exploit, uncovering key vulnerabilities that paved the way for the hack.

Bittensor Affirms Commitment to Community is at its Core 

On July 4, 2024, Bittensor released an announcement that offered some reprieve to the community in light of its recent challenges. The decentralized AI platform assured users that the integrity and security of its network remained robust, promising to take swift measures to secure the network and mitigate potential damage.

They emphasized that they had analyzed the breach and enhanced the security protocols to safeguard against future vulnerabilities. According to their post-mortem report, the attacker exploited a compromised package distributed through the PyPI Package Manager, masquerading as a legitimate Bittensor package, to initiate unauthorized fund transfers to their own wallet.

When users downloaded the compromised Bittensor package, a script would send their cold key details to a remote server controlled by the attacker.

At the time of writing, the Opentensor Foundation (OTF) had removed the compromised package from its repository and reviewed other code to ensure no other attack vector remained. OTF also revealed that it is actively working with exchanges, providing them with details of the attack in order to trace the attacker and potentially salvage funds.
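
The compromise described above depended on users installing a package that was not the reviewed release. As an added example (not from the article or from Bittensor's own code), the following shows the check behind pip's hash-checking mode (`--require-hashes`): an artifact is accepted only if its SHA-256 matches a digest pinned in the requirements file. The version `0.0.0` and the archive bytes are constructed placeholders, and the function names are hypothetical.

```python
import hashlib
import re

# Matches pip's hash-checking syntax: name==version --hash=sha256:<hex> [...]
_REQ = re.compile(r"^(?P<name>[A-Za-z0-9._-]+)==(?P<ver>\S+)(?P<rest>.*)$")
_HASH = re.compile(r"--hash=sha256:([0-9a-f]{64})")


def _normalize(name):
    """PEP 503 name normalization, so 'Bittensor' and 'bittensor' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_pins(requirements_text):
    """Return {(normalized name, version): set of allowed sha256 digests}."""
    pins = {}
    # Join backslash continuations, as used in multi-line pinned requirements.
    joined = requirements_text.replace("\\\n", " ")
    for line in joined.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        m = _REQ.match(line)
        if not m:
            continue
        pins[(_normalize(m["name"]), m["ver"])] = set(_HASH.findall(m["rest"]))
    return pins


def verify_artifact(pins, name, version, data):
    """True only if the artifact bytes match a pinned digest for name==version."""
    allowed = pins.get((_normalize(name), version))
    if not allowed:  # unpinned or hashless entries are rejected, not trusted
        return False
    return hashlib.sha256(data).hexdigest() in allowed


# Constructed sample data: stand-in bytes and a placeholder version, not real releases.
GOOD = b"constructed stand-in for the reviewed release archive"
TAMPERED = GOOD + b"\n# constructed injected line"
REQS = "bittensor==0.0.0 \\\n    --hash=sha256:%s\n" % hashlib.sha256(GOOD).hexdigest()

if __name__ == "__main__":
    pins = parse_pins(REQS)
    print("reviewed archive accepted:", verify_artifact(pins, "bittensor", "0.0.0", GOOD))
    print("altered archive accepted: ", verify_artifact(pins, "bittensor", "0.0.0", TAMPERED))
```

A same-name, same-version archive with different contents fails the check, as does any version that has no pinned digest.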

Bittensor Affirms Blockchain is Safe and Unaffected

Bittensor specified that for completeness and clarity, ‘this attack DID NOT affect’ the blockchain or Subtensor code. They pointed out that the “underlying Bittensor protocol remains uncompromised and secure.”

Despite the concerns raised by the incident, the majority of TAO participants were not directly impacted by the breach; only those using the compromised Bittensor package were affected.

On the official Discord channel, shibshib [т, T] emphasized that additional wallets were not compromised and no further funds were put at risk.

“We are continuing to work on developing a mechanism for securing at-risk funds,” they wrote in their announcement.

While some members of the Bittensor community were vocal about their concerns, others focused on reassuring their peers and highlighting the inherent nature of these systems.

They emphasized how emotional responses, driven by the immediate impacts of incidents, often do not reflect the risks to all involved. 

Bittensor Forced to Suspend Network Following $8M Wallet Security Exploit

On July 2, on-chain analyst ZachXBT sounded the alarm on an exploit affecting Bittensor, noting that hackers compromised users’ private keys and successfully pocketed over $8 million worth of TAO tokens using complex phishing and keylogging techniques.

Just two hours after the attack, Bittensor also confirmed the attack, with community Discord admin const [т, T] notifying users that the team was actively investigating the attack on user wallets.

“We are investigating, and in an abundance of caution, have recently fully halted transactions on-chain until there is more information available to us about the nature of this attack,” the admin shared.

Following the exploit, Bittensor activated safe mode on their Subtensor, which paused all transactions, including transfers, for at least 24 hours while they investigated the root cause of the attack.

The developer team confirmed they would prioritize solving the issue for the rest of the week. The team announced they would not release any regular software updates or chain updates on either their mainnet or testnet until the chain was fully restored.

Implications and Market Reactions

Following the breach, the price of Bittensor’s native token, TAO, significantly dropped, plummeting by over 15% as panic set in among investors and users. The sharp decline reflected the immediate loss of confidence in the network’s security.

The trading volume of TAO also saw a sharp increase as users rushed to sell their tokens. Historically, such breaches have led to prolonged market instability, as seen in the aftermath of the DAO attack.

In addition to retail users flocking to liquidate their TAO tokens, the Bittensor community grabbed their pitchforks and demanded accountability from the team. 

Strong Community Reactions

Many users in the Bittensor community voiced strong reactions to the breach, reflecting their concern and demand for accountability and improved security measures. One user stated, “Where is team with clarity and explanation on this current situation? Staying in the shadows & kicking the can down the road is poor approach from team.”

Another user, dx35, expressed frustration regarding validators on the network, asserting, “I hope the tokens will be burned as a lesson to validators that cannot maintain safety practices and not returned to them.”

While users were understandably frustrated, prominent validators such as the TAO Validator expressed sympathy for the affected and said, “These things, unfortunately, happen in Web3.” The project reiterated that such situations make and break projects and sent well wishes to Bittensor to come out of this situation on top.
