Bittensor Reveals Vulnerability Behind $8 Million Exploit In Recent Report – Details

In a recent incident, Bittensor, a prominent AI-focused project, was forced to suspend its network operations following a series of wallet hacks that led to the loss of at least $8 million worth of TAO, Bittensor’s native token. 

This incident comes just a month after another wallet breach that led to a loss of $11 million. The Bittensor team has now released a detailed report shedding light on the events surrounding these attacks.

Root Causes Of Bittensor’s Wallet Hack

According to the report, at 7:41 PM UTC on Wednesday the decision was made to place the Opentensor Chain Validators behind a firewall and activate safe mode on Subtensor in response to an attack that affected multiple participants in the Bittensor community. 

The attack timeline indicates that the attacker began transferring funds from victims’ wallets to a wallet under their control, which was detected by the Opentensor Foundation (OTF). 

A “war room” was reportedly established to respond to the abnormal transfer volume. The attack was eventually neutralized by placing the Opentensor chain validators behind a firewall and activating safe mode. This action halted all transactions and allowed a comprehensive assessment of the situation.

The root cause of the attack was traced to version 6.12.2 of the Bittensor package on PyPI (the Python package repository), to which a malicious package had been uploaded, compromising user security. 

This malicious package, disguised as a legitimate Bittensor release, contained code to steal unencrypted coldkey details. When a user who had installed the package decrypted their coldkey, the decrypted key material was sent to a remote server controlled by the attacker.

The compromise is believed to have affected anyone who ran Bittensor 6.12.2 and performed any operation that decrypted a hotkey or coldkey. 

Moreover, those who downloaded the Bittensor PyPI package between May 22, 7:14 PM UTC, and May 29, 6:47 PM UTC, and performed any such operation were also likely impacted.
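The two checks that follow from the report are worth having as code: a quick audit of whether the compromised release is installed, and the preventive control that a version string alone cannot provide, hash-pinned requirements (the mechanism behind pip’s real `--require-hashes` mode), where the downloaded artifact must match a sha256 recorded from a release your team verified. The script below is an added example, not code from the Bittensor report or the project; the only fact taken from the report is the compromised version number, and every artifact byte string, digest and requirements line in it is constructed for the demo rather than taken from any real wheel.

```python
"""Added example; not Bittensor/OTF code.

  * is_affected_version / audit_installed: flag an environment where the
    compromised PyPI release (bittensor 6.12.2, per the report) is installed.
  * parse_pinned_requirements / verify_artifact: hash-pinned requirements,
    the control that rejects a look-alike upload. "==6.12.2" proves nothing
    by itself; the malicious upload carried a legitimate-looking version.

All artifact bytes and digests below are constructed for the demo.
"""
from __future__ import annotations

import hashlib
import re
from importlib import metadata
from typing import Dict, Optional, Set, Tuple

# Versions the report names as compromised; extend from your own advisories.
KNOWN_BAD: Set[Tuple[str, str]] = {("bittensor", "6.12.2")}


def _norm(name: str) -> str:
    """PEP 503 style normalisation so 'BitTensor' and 'bittensor' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def is_affected_version(dist_name: str, version: str,
                        known_bad: Set[Tuple[str, str]] = KNOWN_BAD) -> bool:
    return (_norm(dist_name), version) in known_bad


def audit_installed(dist_name: str = "bittensor") -> Optional[bool]:
    """True if the installed release is known-bad, False if clean, None if absent."""
    try:
        version = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None
    return is_affected_version(dist_name, version)


# Requirement lines of the form "name==version --hash=sha256:<hex> [...]",
# optionally continued with a trailing backslash as pip-compile emits them.
_REQ = re.compile(r"^(?P<name>[A-Za-z0-9_.-]+)==(?P<ver>[^\s\\]+)")
_HASH = re.compile(r"--hash=sha256:([0-9a-f]{64})")


def parse_pinned_requirements(text: str) -> Dict[Tuple[str, str], Set[str]]:
    """Map (normalised name, version) -> allowed sha256 digests.

    As with `pip install --require-hashes`, a pinned line without a hash is
    an error rather than a silent pass.
    """
    pins: Dict[Tuple[str, str], Set[str]] = {}
    for raw in text.replace("\\\n", " ").splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _REQ.match(line)
        if not m:
            raise ValueError(f"unsupported requirement line: {line!r}")
        hashes = set(_HASH.findall(line))
        if not hashes:
            raise ValueError(f"no --hash pin for {line!r}")
        pins[(_norm(m["name"]), m["ver"])] = hashes
    return pins


def verify_artifact(pins: Dict[Tuple[str, str], Set[str]],
                    dist_name: str, version: str, artifact: bytes) -> bool:
    """Accept the downloaded artifact only if its sha256 is on the pin list.

    An unpinned (name, version) is refused outright: that is exactly the case
    in which a freshly uploaded malicious release could slip in.
    """
    allowed = pins.get((_norm(dist_name), version))
    if not allowed:
        return False
    return hashlib.sha256(artifact).hexdigest() in allowed


# --- constructed demo data -------------------------------------------------
GOOD_WHEEL = b"constructed stand-in for the artifact a trusted build produced"
# Same version string, different bytes: a trojaned upload that exfiltrates keys.
TROJANED_WHEEL = GOOD_WHEEL + b"\n# send decrypted coldkey to attacker host"

SAMPLE_REQUIREMENTS = f"""
# constructed: the digest is of GOOD_WHEEL above, not of any real release
bittensor==6.12.2 \\
    --hash=sha256:{hashlib.sha256(GOOD_WHEEL).hexdigest()}
"""


def demo() -> Dict[str, bool]:
    """Run the pinned check against the trusted, trojaned and unpinned cases."""
    pins = parse_pinned_requirements(SAMPLE_REQUIREMENTS)
    return {
        "trusted_accepted": verify_artifact(pins, "bittensor", "6.12.2", GOOD_WHEEL),
        "trojaned_accepted": verify_artifact(pins, "bittensor", "6.12.2", TROJANED_WHEEL),
        "unpinned_accepted": verify_artifact(pins, "bittensor", "6.12.3", GOOD_WHEEL),
    }


if __name__ == "__main__":
    print("installed release known-bad:", audit_installed("bittensor"))
    for case, accepted in demo().items():
        print(f"{case}: {accepted}")
```

The point the demo makes is that the trojaned artifact carries exactly the same `==6.12.2` pin as the trusted one and is still rejected, because the pin the installer trusts is the digest, not the version. In practice the digests come from a lockfile generated against a release you have already reviewed, and the check runs in CI before anything is installed; a developer machine that installs straight from the index with a bare version pin has no such protection.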

Security Precautions Advised

Immediate mitigation steps were taken by the OTF team, including removing the malicious 6.12.2 package from the PyPI repository. To date, no other vulnerabilities have been identified, but a comprehensive assessment of all potential attack vectors is ongoing.

The Bittensor team has worked with several exchanges to share attack details, trace the attacker, and potentially recover funds. 

As the code review nears completion, Opentensor plans to gradually resume normal operation of the Bittensor blockchain, allowing transactions to flow again. 

The team urges users to take precautions such as creating new wallets and transferring funds to them once the blockchain is operational. Since the malicious code triggered whenever a coldkey was decrypted, a new wallet should only be created after the compromised package has been removed and a clean version installed. Upgrading to the latest version of Bittensor is strongly advised.

Bittensor plans to investigate the breach with the PyPI maintainers and implement measures to prevent future incidents. 

These measures include stricter access and verification processes for packages uploaded to PyPI, more frequent security audits, adoption of best practices in public security policies, and heightened monitoring and logging of package uploads and downloads.

The daily chart shows TAO’s price downtrend. Source: TAOUSD on TradingView.com

At the time of writing, the project’s native token TAO is trading at $224, down over 42% in the last 30 days alone. However, the token is still up over 386% year-to-date.

Featured image from DALL-E, chart from TradingView.com


Copyright © 2024. All Rights Reserved. Finapress