Odaily Planet Daily News: Regarding the root cause of the Bittensor on-chain attack, the OpenTensor Foundation (OTF) issued a statement saying that the attack was traced back to version 6.12.2 on the PyPI package manager, where a malicious package had been uploaded, endangering user security. The malicious package, disguised as a legitimate Bittensor package, contained code for stealing unencrypted cold key details. When a user downloaded this package and decrypted their cold key, the decrypted bytecode was sent to a remote server controlled by the attacker. Those affected are mainly users who downloaded the Bittensor PyPI package between May 22 and 29 and performed operations such as transfers, pledges, and delegations. As a mitigation measure, the OTF team has removed the malicious 6.12.2 package from the PyPI package manager repository. OTF has been conducting a detailed review of the Subtensor and Bittensor code on GitHub to ensure that there are no other attack vectors, and no other vulnerabilities have been found so far. The OTF team will continue to thoroughly review and evaluate the codebase and conduct a comprehensive assessment of all other possible attack vectors. OTF is also working with multiple exchanges, providing them with details of the attack so that the attacker can be tracked and as much of the stolen funds as possible can be recovered. OTF noted that the attack did not affect the blockchain or the Subtensor code, and that the underlying Bittensor protocol remains intact and secure. Once the code review is completed, OpenTensor will gradually restore normal operation of the Bittensor chain so that transactions run smoothly again.
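
A defender's check for the release named in the statement, as an added example that is not part of the OTF statement or the Bittensor code base: it walks a directory tree of Python environments, reads each installed distribution's metadata, and flags any copy of bittensor at version 6.12.2. The function names and the sample tree are constructed for illustration.

```python
"""Scan Python environments for the bittensor release named in the statement."""
import re
import sys
from email.parser import Parser
from pathlib import Path

PACKAGE = "bittensor"      # package name from the statement
BAD_VERSION = "6.12.2"     # version the statement identifies as malicious


def normalize(name):
    """PEP 503 normalization: 'Bittensor' and 'bittensor' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def find_installs(root, package=PACKAGE):
    """Yield (site_dir, version) for each installed copy of `package` under root."""
    for fname in ("METADATA", "PKG-INFO"):          # wheel and legacy egg metadata
        for meta in Path(root).rglob(fname):
            if meta.parent.suffix not in (".dist-info", ".egg-info"):
                continue
            text = meta.read_text(encoding="utf-8", errors="replace")
            headers = Parser().parsestr(text, headersonly=True)
            if normalize(headers.get("Name", "")) == normalize(package):
                yield str(meta.parent.parent), (headers.get("Version") or "").strip()


def audit(root):
    """Return sorted (site_dir, version, flagged) tuples; flagged means BAD_VERSION."""
    return sorted((d, v, v == BAD_VERSION) for d, v in find_installs(root))


def make_sample_tree(base):
    """Constructed sample data: three fake environments under `base`."""
    samples = {"env_a": ("bittensor", "6.12.2"),    # the flagged release
               "env_b": ("Bittensor", "0.0.1"),     # constructed other version
               "env_c": ("examplepkg", "6.12.2")}   # same version, other package
    for env, (name, ver) in samples.items():
        info = Path(base, env, "site-packages", f"{name}-{ver}.dist-info")
        info.mkdir(parents=True)
        (info / "METADATA").write_text(
            f"Metadata-Version: 2.1\nName: {name}\nVersion: {ver}\n", encoding="utf-8")


if __name__ == "__main__":
    # Default to the running interpreter's environment; pass other roots as arguments.
    for root in sys.argv[1:] or [sys.prefix]:
        for site_dir, version, flagged in audit(root):
            print(f"{'COMPROMISED' if flagged else 'ok':11} {PACKAGE} {version} in {site_dir}")
```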