Author: rekt.news, Translated by: 0xjs@Golden Finance

On July 2, Bittensor’s blockchain was hit by a hack that cost $8 million, the result of an attack on the PyPI package manager.

While the validators meditated on their nodes, the attacker quietly drained their wallets faster than you can say “om”.

Approximately 32,000 TAO tokens were moved in unauthorized transfers, straight into the hacker’s wallet.

The Bittensor team responded quickly to the situation, immediately stopped all network operations, and took decisive action to resolve the current problem.

The network entered “safe mode,” which allows blocks to be generated but prevents any transactions from being processed.

This action was taken to prevent further losses and protect users while a thorough investigation was conducted.

The event caused a rapid 15% drop in the value of the TAO token, demonstrating that in blockchain, as in life, everything flows…including market capitalization.

According to Bittensor’s Telegram message, users and stakers are safe. Only owners of some validators, subnets, and miners had their funds stolen.

Are you ready to solve this great mystery?

Investigation into Bittensor attack

Information source: Bittensor, ZachXBT

Bittensor initially announced on their Discord that some of their wallets had been hacked and said they were investigating and had stopped all on-chain transactions as a precaution.

The attack on the Bittensor blockchain was as precise as a string of well-practiced Qigong moves.

In just 3 hours, the attacker successfully hacked into multiple high-value wallets and stole approximately 32,000 TAO tokens.

As the Bittensor team scrambled to respond, the crypto community’s favorite on-chain detective had already stepped in to investigate.

Shortly after the theft, ZachXBT identified the address from which the stolen funds were taken: 5FbWTraF7jfBe5EvCmSThum85htcrEsCzwuFjG3PukTUQYot

Zach, ever the crypto detective, may have linked this to an incident on June 1 when a TAO holder had over 28,000 TAO stolen, worth $11.2 million at the time of the theft.

The day after the attack, the Opentensor Foundation (OTF) published its post-mortem analysis, revealing that the root cause of the attack was a compromise of the PyPI package manager.

Here’s how this digital dumpster fire evolved:

  • A malicious package masquerading as the legitimate Bittensor package was uploaded to PyPI as version 6.12.2.

  • The Trojan contains code designed to steal unencrypted cold key details.

  • When an unsuspecting user downloads this package and decrypts their cold key, the decrypted bytecode is sent to a remote server controlled by the attacker.

The vulnerability affects users who downloaded the Bittensor PyPI package or used Bittensor==6.12.2 between May 22 and May 29 and then performed operations such as staking, unstaking, transferring, delegating, or undelegating.
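A defender's check for the exposure described above, as an added example that is not code from rekt.news or OTF: it flags requirements lines that pin, or could resolve to, the 6.12.2 release and checks the active environment. The function names and the subset of version specifiers handled are this example's own assumptions.

```python
import re
from importlib import metadata

# Package and version named in the article as the trojanized PyPI release.
BAD_NAME, BAD_VERSION = "bittensor", "6.12.2"

_OPS = {"==": lambda a, b: a == b, "!=": lambda a, b: a != b,
        ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
        ">": lambda a, b: a > b, "<": lambda a, b: a < b}
_REQ = re.compile(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?([^;]*)")
_CLAUSE = re.compile(r"(==|!=|>=|<=|>|<)\s*(\d+(?:\.\d+)*)$")

def normalize(name):
    """PEP 503: names compare case-insensitively; runs of -_. are equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def vkey(version, width=4):
    """Numeric release segments, zero-padded so 6.12 compares as 6.12.0.0."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def audit_requirement(line):
    """Classify one requirements.txt line against the bad release.

    Returns None (not affected), "pinned-bad" (exactly the bad version),
    "admits-bad" (a range or unpinned name a resolver could satisfy with
    it), or "review" (specifier syntax this example does not evaluate).
    """
    line = re.sub(r"(^|\s)#.*", "", line)      # strip comments
    line = re.split(r"\s--hash", line)[0]      # strip pip hash options
    m = _REQ.match(line)
    if not m or normalize(m.group(1)) != BAD_NAME:
        return None
    clauses = [c.strip() for c in m.group(2).split(",") if c.strip()]
    exact = False
    for clause in clauses:
        cm = _CLAUSE.match(clause)
        if not cm:
            return "review"                    # e.g. ~=, ==6.12.*, pre-releases
        if not _OPS[cm.group(1)](vkey(BAD_VERSION), vkey(cm.group(2))):
            return None                        # this clause excludes 6.12.2
        exact = exact or cm.group(1) == "=="
    return "pinned-bad" if exact else "admits-bad"

def installed_is_bad(lookup=metadata.version):
    """True if the current environment reports the bad release installed."""
    try:
        return lookup(BAD_NAME) == BAD_VERSION
    except metadata.PackageNotFoundError:
        return False
```

A clean result only describes the current state of a file or environment; it does not show what was installed during the May 22 to May 29 window the article gives.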

In response to the attack, the Bittensor team quickly put the chain into “safe mode,” pausing all transactions while continuing to generate blocks.

The swift action may have prevented further losses, but it also highlighted the centralized control the team maintains over a supposedly decentralized network.

OTF has taken immediate steps to mitigate the damage:

  • Removed the malicious 6.12.2 package from the PyPI package manager repository.

  • Performed a thorough review of the Subtensor and Bittensor code on GitHub.

  • Worked with exchanges to track down the attacker and salvage funds where possible.

Going forward, OTF pledges to strengthen package verification, increase the frequency of external audits, improve security standards and increase monitoring.

OTF said the incident did not affect the blockchain or Subtensor code, and the underlying Bittensor protocol remains intact and secure.

They are also working with multiple exchanges, providing details of the attack so that the attackers can be tracked down and as much of the funds as possible recovered.

As the dust settled, the community began to wonder how this malware had managed to get past PyPI’s defenses, and whether this attack was connected to the June 1 theft.

In the world of Bittensor, the road to awakening seems to be paved with a few emptied wallets.

What are the implications?

The Bittensor hack exposed a serious vulnerability in the crypto ecosystem: reliance on third-party package managers.

While blockchain protocols themselves may be secure, the tools developers use to interact with them can become unexpected points of failure.

The incident raises questions about the security practices of PyPI and other package repositories that the crypto community relies on.

Its timing and its similarities to the June 1 theft cannot be ignored.

Are these isolated incidents, or is there a wider campaign targeting Bittensor and similar projects?

As the OTF worked with exchanges to track down the stolen funds, the community watched with bated breath, hoping the tokens could be recovered, though stolen funds are rarely returned after such a hack.

Bittensor’s swift action to halt the network demonstrates the double-edged nature of centralized control in “decentralized” projects.

While it may have prevented further losses, it also highlighted the fragility of the system.

In crypto, the only constant is change, and occasionally, $8 million disappears.

As Bittensor reflects on its security practices, will they find true blockchain enlightenment, or are they doomed to continue laying these expensive stepping stones on the road to a more perfect protocol?