Author: rekt.news, compiled by 0xjs@黄金财经
On July 2, Bittensor's blockchain was hacked as a result of an attack on the PyPi package manager, losing $8 million.
While validators were meditating on their nodes, attackers quietly drained their wallets faster than you can say "om".
TAO went directly to the hacker's wallet, and about 32,000 TAO tokens were transferred without authorization.
The Bittensor team responded quickly to the situation, immediately stopping all network operations and taking decisive action to resolve the current problem.
The network entered "safe mode", allowing blocks to be generated but preventing any transactions from being processed.
This measure was taken to prevent further losses and protect users while a thorough investigation was conducted.
The incident caused the value of the TAO token to quickly fall by 15%, indicating that in blockchain, as in life, everything is flowing...including market capitalization.
According to Bittensor’s Telegram message, users and stakers are safe. Only owners of some validators, subnets, and miners have had their funds stolen.
Ready to solve this huge mystery?
Bittensor Hack Investigation
Sources: Bittensor, ZachXBT
Bittensor initially announced on their Discord that some of their wallets had been hacked, saying they were investigating and had stopped all on-chain transactions as a precaution.
The attack on the Bittensor blockchain was as precise as a well-practiced Qigong routine.
In just 3 hours, the attackers successfully hacked into multiple high-value wallets and stole approximately 32,000 TAO tokens.
While the Bittensor team scrambled to respond, the crypto community’s favorite on-chain detectives were already investigating.
Soon after the theft, ZachXBT identified the address from which the funds were stolen: 5FbWTraF7jfBe5EvCmSThum85htcrEsCzwuFjG3PukTUQYot
Being a crypto sleuth, Zach was able to link this to an incident on June 1st, when a TAO holder had over 28,000 TAO stolen, worth $11.2 million at the time of the theft.
The day after the attack, the Opentensor Foundation (OTF) published their post-mortem analysis, revealing that the root cause of the attack was a compromise of the PyPi package manager.
Here’s how this digital dumpster fire unfolded:
A malicious package was uploaded to PyPi as version 6.12.2, masquerading as the legitimate Bittensor package.
The Trojan contained code designed to steal unencrypted cold key details.
When an unsuspecting user downloaded this package and decrypted their cold keys, the decrypted bytecode was sent to a remote server controlled by the attacker.
The vulnerability affected users who downloaded the Bittensor PyPi package or used Bittensor==6.12.2 between May 22 and May 29 and then performed actions such as staking, unstaking, transferring, delegating, or undelegating.
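For operators checking their own hosts against the exposure described above, this added example (not code from OTF or from the original article) scans Python environments for an installed bittensor 6.12.2 and compares its install time with the May 22 to May 29 window. The year 2024, the function names and the sample directories are assumptions, and the METADATA file's modification time stands in for the install time.

```python
import datetime as dt
import email
import os
import pathlib
import re
import tempfile

# Package name and version as given in the post-mortem quoted above.
FLAGGED = {"bittensor": {"6.12.2"}}

def _norm(name):
    """PEP 503 normalisation, so 'Bittensor' and 'bittensor' compare equal."""
    return re.sub(r"[-_.]+", "-", name or "").lower()

def audit(site_dirs, window_start, window_end):
    """Scan *.dist-info metadata under site_dirs for flagged releases."""
    findings = []
    for site in map(pathlib.Path, site_dirs):
        for meta in sorted(site.glob("*.dist-info/METADATA")):
            msg = email.message_from_string(meta.read_text(errors="replace"))
            name, version = _norm(msg["Name"]), (msg["Version"] or "").strip()
            if version not in FLAGGED.get(name, ()):
                continue
            # METADATA mtime approximates install time; copies or restores change it.
            installed = dt.datetime.fromtimestamp(
                meta.stat().st_mtime, dt.timezone.utc).date()
            findings.append({"path": str(meta.parent), "version": version,
                             "installed": installed,
                             "in_window": window_start <= installed <= window_end})
    return findings

def build_sample_env(root, name, version, when):
    """Constructed sample: a fake site-packages entry, not a real install."""
    info = pathlib.Path(root) / f"{name}-{version}.dist-info"
    info.mkdir(parents=True)
    meta = info / "METADATA"
    meta.write_text(f"Metadata-Version: 2.1\nName: {name}\nVersion: {version}\n")
    ts = when.replace(tzinfo=dt.timezone.utc).timestamp()
    os.utime(meta, (ts, ts))
    return str(root)

if __name__ == "__main__":
    # Year 2024 is an assumption; the page gives only "May 22 and May 29".
    start, end = dt.date(2024, 5, 22), dt.date(2024, 5, 29)
    with tempfile.TemporaryDirectory() as tmp:
        a = build_sample_env(tmp + "/a", "Bittensor", "6.12.2", dt.datetime(2024, 5, 25, 12))
        b = build_sample_env(tmp + "/b", "bittensor", "0.0.0", dt.datetime(2024, 5, 25, 12))
        print(audit([a, b], start, end))
```

An environment that was upgraded after the window no longer shows 6.12.2 on disk, so an empty result does not clear a host on its own.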
In response to the attack, the Bittensor team quickly put the chain into “safe mode,” pausing all transactions while continuing to produce blocks.
This swift action may have prevented further losses, but it also highlighted the centralized control the team maintains over a supposedly decentralized network.
OTF has taken immediate steps to mitigate the damage:
Removed the malicious 6.12.2 package from the PyPi package manager repository.
Conducted a thorough review of the Subtensor and Bittensor code on Github.
Worked with exchanges to track down the attacker and recover as much of the funds as possible.
Going forward, OTF has pledged to strengthen package validation, increase the frequency of external audits, improve security standards, and increase monitoring.
OTF said the incident did not affect the blockchain or Subtensor code, and the underlying Bittensor protocol remains intact and secure.
They are also working with multiple exchanges to provide them with details of the attack so that the attacker can be tracked and as much of the funds as possible can be recovered.
As the dust settles, the community is beginning to ponder how this malware was able to penetrate PyPi’s defenses, and whether the attack is connected to the June 1st theft.
In the world of Bittensor, the road to awakening appears to be paved with some stolen, empty wallets.
What to expect
The Bittensor hack exposes a critical vulnerability in the crypto ecosystem: reliance on third-party package managers.
While blockchain protocols themselves may be secure, the tools developers use to interact with them can become unexpected points of failure.
The incident raises questions about the security practices of PyPi and other package repositories that the crypto community relies on.
The timing and similarities to the June 1st theft cannot be ignored.
Are these isolated incidents, or is there a broader campaign targeting Bittensor and similar projects?
As the OTF worked with exchanges to track down the stolen funds, the community watched with bated breath, hoping the tokens could be recovered, though recovery after such a hack rarely succeeds.
Bittensor’s swift action to halt the network demonstrates the double-edged nature of centralized control in a “decentralized” project.
While it may have prevented further losses, it also highlighted the fragility of the system.
In crypto, the only constant is change, and occasionally, $8 million disappears.
As Bittensor reflects on its security practices, will they find true blockchain enlightenment, or are they doomed to continue laying these expensive stepping stones on the road to a more perfect protocol?