Bittensor Discloses Details of a Security Breach That Resulted in a Loss of $8M Worth of TAO Tokens-web3.0-php.cn

Bittensor Discloses Details of a Security Breach That Resulted in a Loss of $8M Worth of TAO Tokens

Jul 11, 2024 pm 05:11 PM

The incident temporarily suspended network operations just a month after a similar breach, costing the project $11 million.

Bittensor Discloses Details of a Security Breach That Resulted in a Loss of M Worth of TAO Tokens

AI blockchain project Bittensor has disclosed details of a recent security breach that resulted in a loss of at least $8 million in its native token, TAO. The incident led to a temporary suspension of network operations, coming just a month after a previous breach cost the project $11 million.

Now, Bittensor has released a detailed report outlining the nature and cause of the latest exploit.

Root Cause of Bittensor’s Wallet Hack

The report identifies the root cause of the attack as a malicious package in the PyPi Package Manager version 6.12.2. The compromised package contained code designed to steal unencrypted coldkey details.

When users downloaded this package and decrypted their coldkeys, the decrypted bytecode was transmitted to a remote server controlled by the attacker. This vulnerability primarily affected users who downloaded the Bittensor PyPi package between May 22 and May 29 and performed any operations involving the decryption of hotkeys or coldkeys.

The attack timeline shows that the attacker initiated fund transfers to their wallet, which was quickly detected by the Opentensor Foundation (OTF). A response team, dubbed a “war room,” was established to handle the situation.

The attack was neutralized by placing the Opentensor chain validators behind a firewall and activating safe mode, which halted all transactions and allowed for a detailed analysis of the breach.

Security Actions and Immediate Measures

In response to the attack, the OTF team took immediate steps to mitigate the damage. This included removing the malicious 6.12.2 package from the PyPi Package Manager repository.

Furthermore, Bittensor has cooperated with several cryptocurrency exchanges to share details of the attack, in an effort to track down the attacker and attempt to recover the stolen funds.

To enhance security and prevent future incidents, Bittensor is implementing several measures. These include stricter access and verification processes for packages uploaded to PyPi, increasing the frequency of security audits, following best practices in public security policies, and improving monitoring and logging of package uploads and downloads.

Additionally, the Bittensor team advises users to upgrade to the latest version of Bittensor to create new wallets and transfer funds once the blockchain resumes normal operations.

Resumption of Operations and Further Investigations

With the code review process nearing completion, Opentensor plans to gradually resume normal operations of the Bittensor blockchain. This phased approach will ensure that all security vulnerabilities have been addressed before allowing transactions to flow again.

The Bittensor team remains engaged in further investigations into the breach with the PyPi maintainers and is committed to implementing additional security enhancements to prevent future incidents.

At the time of writing, TAO is trading at $201, showing a decline of over 10% in the past 24 hours, according to CoinMarketCap data. Despite this recent downturn, the token has achieved significant gains of more than 386% year-to-date.

The above is the detailed content of Bittensor Discloses Details of a Security Breach That Resulted in a Loss of $8M Worth of TAO Tokens. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

FloppyPepe (FPPE) Price Could Explode As Bitcoin (BTC) Price Rallies Towards $450,000May 09, 2025 am 11:54 AM

According to a leading finance CEO, the Bitcoin price could be set for a move to $450,000. This Bitcoin price projection comes after a resurgence of good performances, signaling that the bear market may end.

Pi Network Confirms May 14 Launch—Qubetics and OKB Surge as Best Cryptos to Join for Long Term in 2025May 09, 2025 am 11:52 AM

Explore why Qubetics, Pi Network, and OKB rank among the Best Cryptos to Join for Long Term. Get updated presale stats, features, and key real-world use cases.

Sun Life Financial Inc. (TSX: SLF) (NYSE: SLF) Declares a Dividend of $0.88 Per ShareMay 09, 2025 am 11:50 AM

TORONTO, May 8, 2025 /CNW/ - The Board of Directors (the "Board") of Sun Life Financial Inc. (the "Company") (TSX: SLF) (NYSE: SLF) today announced that a dividend of $0.88 per share on the common shares of the Company has been de

Sun Life Announces Intended Renewal of Normal Course Issuer BidMay 09, 2025 am 11:48 AM

May 7, 2025, the Company had purchased on the TSX, other Canadian stock exchanges and/or alternative Canadian trading platforms

The Bitcoin price has hit $100k for the first time since February, trading at $101.3k at press time.May 09, 2025 am 11:46 AM

BTC's strong correlation with the Global M2 money supply is playing out once again, with the largest cryptocurrency now poised for new all-time highs.

Coinbase (COIN) Q1 CY2025 Highlights: Revenue Falls Short of Expectations, but Sales Rose 24.2% YoY to $2.03BMay 09, 2025 am 11:44 AM

Blockchain infrastructure company Coinbase (NASDAQ: COIN) fell short of the market’s revenue expectations in Q1 CY2025, but sales rose 24.2% year

Ripple Labs and the SEC Have Officially Reached a Settlement AgreementMay 09, 2025 am 11:42 AM

Ripple Labs and the U.S. Securities and Exchange Commission (SEC) have officially reached a deal that, if approved by a judge, will bring their years-long legal battle to a close.