New Report from Bittensor Reveals Vulnerability Behind $8 Million Exploit

A detailed report shedding light on the events surrounding recent attacks has now been released by the Bittensor team.

In a recent incident, Bittensor, a leading artificial intelligence-focused project, was forced to shut down its network after a series of attacks on its wallet, resulting in a loss of at least $8 million in TAO, Bittensor’s native token.

This incident comes less than a month after another wallet breach resulted in a loss of $11 million.

Causes of Bittensor Wallet Hacking

According to the report, at 19:41 UTC on Wednesday, the decision was made to put the Opentensor chain validators behind a firewall and enable secure mode in Subtensor due to the attack that affected several participants in the Bittensor community.

The timeline of the attack shows that the attacker initiated transfers from victims' wallets to the attacker's own wallet, which was detected by the Opentensor Foundation (OTF). A “war room” was reportedly set up to respond to the transfer volume anomaly.

Ultimately, the attack was neutralized by placing the Opentensor chain validators behind a firewall and activating secure mode. This action stopped all transactions and allowed for a full situational analysis of the attack.

The root cause of the attack can be traced back to version 6.12.2 of the Bittensor package on the PyPI package index, where a malicious release was uploaded that compromised user security. This malicious package, disguised as a legitimate Bittensor release, contained code to steal unencrypted cold key details. When users installed the package and decrypted their hotkeys, the decrypted key bytes were sent to a remote server controlled by the attacker.

The vulnerability is believed to have affected people who used Bittensor 6.12.2 and performed operations that involved decrypting hotkeys.

In addition, those who downloaded the Bittensor PyPI package between May 22, 19:14 UTC and May 29, 18:47 UTC and performed such operations are also likely affected.
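The incident described above turns on two questions a defender can answer mechanically: is a known-malicious release of a package installed anywhere, and did an install happen inside the published exposure window? The script below is an added example and is not code from the article or from the Bittensor/Opentensor projects. The only facts it takes from the article are the package name `bittensor`, the affected release `6.12.2` and the download window of May 22, 19:14 UTC to May 29, 18:47 UTC; the year (2024) is an assumption the article does not state, and the function names, the sample environment, the `examplepkg` artifacts and the hash-pinned requirements file are constructed for the example. It goes one step beyond the article by also showing hash-pinned requirement verification, the control that refuses a substituted or re-uploaded release at install time.

```python
"""Defensive checks for a compromised-PyPI-release incident.

Added example, not the article's or the projects' own code. Facts from the
article: package 'bittensor', malicious release 6.12.2, exposure window
22 May 19:14 UTC to 29 May 18:47 UTC. The year 2024 is assumed; everything
else (names, sample data, the requirements file) is constructed.
"""
from __future__ import annotations

import hashlib
import re
from datetime import datetime, timezone
from importlib import metadata

# Advisory built from the article's figures; the year is an assumption.
ADVISORY = {
    "package": "bittensor",
    "bad_versions": {"6.12.2"},
    "window": (
        datetime(2024, 5, 22, 19, 14, tzinfo=timezone.utc),
        datetime(2024, 5, 29, 18, 47, tzinfo=timezone.utc),
    ),
}


def snapshot_environment() -> dict[str, str]:
    """Map installed distribution names (lower-cased) to their versions."""
    return {d.metadata["Name"].lower(): d.version for d in metadata.distributions()}


def audit_environment(installed: dict[str, str], advisory: dict = ADVISORY) -> list[str]:
    """Return a finding for each installed release the advisory names as malicious."""
    findings = []
    ver = installed.get(advisory["package"])
    if ver in advisory["bad_versions"]:
        findings.append(
            f"{advisory['package']}=={ver} is a known-malicious release; "
            "treat every key decrypted on this host while it was installed as exposed"
        )
    return findings


def installed_in_window(install_time: datetime | str, advisory: dict = ADVISORY) -> bool:
    """True if an install timestamp (aware datetime or ISO-8601 string with an
    offset) falls inside the advisory's exposure window."""
    if isinstance(install_time, str):
        install_time = datetime.fromisoformat(install_time)
    if install_time.tzinfo is None:
        raise ValueError("install_time must be timezone-aware (use UTC)")
    start, end = advisory["window"]
    return start <= install_time <= end


# Accepts only fully pinned, hash-locked lines: name==version --hash=sha256:<hex>
_REQ_LINE = re.compile(
    r"^(?P<name>[A-Za-z0-9_.-]+)==(?P<ver>\S+)\s+--hash=sha256:(?P<sha>[0-9a-f]{64})$"
)


def verify_pinned(requirements_text: str, artifacts: dict[str, bytes]) -> dict[str, bool]:
    """Check each hash-pinned requirement against the bytes of the artifact that
    would be installed; a missing artifact or a hash mismatch is reported False.
    Any line that is not pinned and hashed is rejected outright."""
    results: dict[str, bool] = {}
    for raw in requirements_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _REQ_LINE.match(line)
        if not m:
            raise ValueError(f"unpinned or unhashed requirement: {line!r}")
        key = f"{m['name']}=={m['ver']}"
        blob = artifacts.get(key)
        results[key] = blob is not None and hashlib.sha256(blob).hexdigest() == m["sha"]
    return results


# Constructed sample data: a fictional package, not a real wheel.
GOOD_WHEEL = b"constructed wheel bytes for examplepkg 1.0.0"
TAMPERED_WHEEL = GOOD_WHEEL + b" plus injected exfiltration code"
PINNED_REQUIREMENTS = (
    "# constructed example requirements file\n"
    f"examplepkg==1.0.0 --hash=sha256:{hashlib.sha256(GOOD_WHEEL).hexdigest()}\n"
)

if __name__ == "__main__":
    print(audit_environment({"bittensor": "6.12.2", "requests": "2.31.0"}))
    print(installed_in_window("2024-05-25T12:00:00+00:00"))
    print(verify_pinned(PINNED_REQUIREMENTS, {"examplepkg==1.0.0": GOOD_WHEEL}))
    print(verify_pinned(PINNED_REQUIREMENTS, {"examplepkg==1.0.0": TAMPERED_WHEEL}))
```

Run `audit_environment(snapshot_environment())` on a host to audit what is actually installed; `installed_in_window` takes whatever install timestamp you can recover (package manager logs, file creation times), since a benign-looking version string alone does not prove a release was fetched outside the window. The `verify_pinned` check is deliberately strict: a requirements line without both a pin and a hash raises rather than silently passing.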

Safety Precautions Recommended

The OTF team took immediate steps to mitigate the problem, including removing the malicious 6.12.2 package from the PyPI repository. No other vulnerabilities have been identified to date, but a thorough assessment of all possible attack vectors is ongoing.

The Bittensor team has been working with several exchanges to provide details of the attack, trace the attacker, and potentially recover funds. As the code review nears completion, Opentensor plans to gradually resume normal operations of the Bittensor blockchain and allow transactions to flow again.

The team stresses the importance of taking precautions, such as creating new wallets and transferring funds once the blockchain is operational. Upgrading to the latest version of Bittensor is strongly recommended to improve security measures.

Bittensor plans to investigate the breach with the PyPI maintainers and implement improvements to prevent future incidents. These improvements include stricter access and verification processes for packages uploaded to PyPI, more frequent security audits, adoption of best practices in public security policies, and increased monitoring and logging of package uploads and downloads.

Currently, the project’s native token, TAO, is trading at $224, down more than 42% in the last 30 days alone. However, the token still has significant gains of more than 386% year-to-date.

By Audy Castaneda