Bittensor Discovers Malicious Software as Source of $8 Million Loss


Bittensor, a decentralized AI network, faced a significant security incident on July 2, leading to the loss of $8 million in TAO tokens.

The OpenTensor Foundation (OTF), which oversees Bittensor, acted promptly to limit the repercussions. In its postmortem report dated July 3, the OTF identified a malicious package on PyPI, the Python Package Index, as the source of the breach.

Bittensor Wallet Loses $8 Million in TAO Tokens Due to Malicious Package: How?

The compromised package pretended to be a genuine Bittensor library but included code intended to capture unencrypted cold key information, transmitting the decrypted bytecode to a remote server managed by the attacker.

Bittensor Community Update

Yesterday at 7:41 PM UTC, we decided to secure the Opentensor Chain Validators behind a firewall and activated safe mode on Subtensor due to an attack impacting several members of the Bittensor community.

We have assembled a…

— Openτensor Foundaτion (@opentensor) July 3, 2024

The assault commenced at 7:06 P.M. UTC, with the attacker moving funds from compromised wallets to their own. By 7:25 P.M., OTF noticed unusual transfer volumes and set up a “war room” to tackle the situation.

By 7:41 P.M., validators were secured behind a firewall, and the network entered “safe mode,” ceasing all transactions to avert further harm and enabling a thorough situational assessment.

The breach impacted users who downloaded Bittensor version 6.12.2 from PyPI between May 22 and May 29 and then performed specific operations such as staking, wallet transfers, or delegation.

– If you hold TAO on exchanges you are not at risk.

– If you installed Bittensor 6.12.2 from source you are not at risk.

– If you utilized a web wallet you are not at risk.

– If you installed Bittensor 6.12.2 from PyPy but did not execute any commands you are not at risk.

– If you…

— const (@const_reborn) July 3, 2024
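The exposure conditions above can be checked on a host with a short script. This is an added example, not OTF's or Bittensor's code: the function names are hypothetical, the year 2024 and UTC boundaries are assumed from the dates of the quoted posts, and the install time is approximated by the modification time of the package's metadata file.

```python
from datetime import datetime, timezone
from importlib import metadata
from pathlib import Path

AFFECTED_VERSION = "6.12.2"  # version named in the report
# Window from the report; the year and UTC boundaries are assumptions.
WINDOW_START = datetime(2024, 5, 22, tzinfo=timezone.utc)
WINDOW_END = datetime(2024, 5, 30, tzinfo=timezone.utc)  # exclusive, end of May 29


def assess(version, installed_at, from_index):
    """Classify one install against the exposure conditions in the report."""
    if version != AFFECTED_VERSION:
        return "not-affected-version"
    if not from_index:
        return "installed-from-source"
    if installed_at is None:
        return "install-time-unknown"
    if WINDOW_START <= installed_at < WINDOW_END:
        return "exposed-if-wallet-commands-ran"
    return "affected-version-outside-window"


def inspect_installed(name="bittensor"):
    """Return (version, installed_at, from_index), or None if not installed."""
    try:
        dist = metadata.distribution(name)
    except metadata.PackageNotFoundError:
        return None
    # PEP 610: pip writes direct_url.json only for installs from a local path,
    # URL or VCS checkout, so its absence points to an install from an index.
    from_index = dist.read_text("direct_url.json") is None
    # Assumption: the metadata file's mtime approximates the install time.
    meta = next((f.locate() for f in dist.files or []
                 if f.name in ("METADATA", "PKG-INFO")), None)
    installed_at = None
    if meta is not None and Path(meta).exists():
        mtime = Path(meta).stat().st_mtime
        installed_at = datetime.fromtimestamp(mtime, tz=timezone.utc)
    return dist.version, installed_at, from_index


if __name__ == "__main__":
    info = inspect_installed()
    print("bittensor is not installed" if info is None
          else f"{info} -> {assess(*info)}")
```

Run it inside each virtual environment that has used the wallet tooling, since every environment carries its own copy of the package.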

After the discovery, OTF promptly removed the malicious package from the PyPI repository and conducted a comprehensive review of the Subtensor and Bittensor code on GitHub. No additional vulnerabilities were found, but the team continues to evaluate the codebase and investigate possible attack vectors.

OTF is also working with various exchanges to track the attacker and potentially recover the stolen assets.

According to OTF, affected users can establish new wallets and transfer funds once regular operations resume. Upgrading to the latest version of Bittensor is highly advised.

Furthermore, OTF has committed to providing ongoing updates to the community and is implementing improved security measures to avert future incidents.

“In the short term, we are collaborating with the PyPi maintainers to investigate this breach and prevent similar occurrences in the future,” OTF stated in the report.

Bittensor To Implement Enhanced Security Measures

The security breach has affected the Bittensor community and resulted in a 15% drop in TAO’s price.

TAO Weekly Chart. Source: CoinMarketCap

Despite this, some validators indicated that their delegators’ funds remained secure. The community has actively supported mitigation efforts, with numerous participants collaborating diligently with OTF.

In the postmortem report, OTF co-founder Ala Shaabana confirmed that the attack had been contained and that the team was exploring all possibilities.

“Finally, and for completeness and clarity, this attack DID NOT affect the blockchain or Subtensor code, and the underlying Bittensor protocol remains uncompromised and secure,” Shaabana stated.

Bittensor has also announced plans to implement enhanced security measures to prevent future exploits. OTF will issue another detailed update within 24 hours and conduct a Q&A session to address any remaining questions or concerns from the community.

The post Bittensor Identifies Malicious Package as Cause of $8 Million Drain appeared first on Cryptonews.