On July 4, the decentralized AI network Bittensor officially announced that its community participants suffered a serious security attack on July 2. The Bittensor Foundation has taken emergency action to block further capital outflows and launched an in-depth investigation into the attack. It is reported that the attack originated from a malicious program disguised as a legitimate Bittensor package in version 6.12.2 of the PyPi package manager. When users download the package and decrypt their cold wallet keys, the decrypted bytecode will be sent to the attacker's remote server, resulting in the theft of funds. Those affected are mainly users who downloaded the Bittensor PyPi package and performed transfers, pledges, and delegations between May 22 and 29. The Bittensor Foundation has removed the malicious package from PyPi and conducted a comprehensive review of the code, and no other vulnerabilities have been found. To curb losses, the Bittensor Foundation has placed the verification node behind a firewall and started safe mode on Subtensor. The Bittensor blockchain has suspended all transactions and will not return to normal until the vulnerability is fixed. The foundation is working with trading platforms to try to recover the stolen funds. The Bittensor Foundation said it will learn from the lessons, improve the software package verification process, increase the frequency of external audits, and improve security standards and monitoring levels. An AMA will be held in the near future to answer questions and concerns from the community. The foundation calls on users to transfer funds to new wallets as soon as possible and upgrade to the latest version of the Bittensor software package.
