Bittensor Network Halted After Users Fall Victim to Malicious Python Software
The Bittensor network was brought to a grinding halt after multiple users were targeted by hackers, resulting in losses of approximately $8 million. The attack, which originated from malicious software published on the Python Package Index (PyPI), has left the community reeling.
On July 2, Bittensor’s co-founder, Ala Shaabana, announced that the Bittensor team had placed the network in “safe mode” by halting all network activity after several users suffered losses of 32,000 TAO worth roughly $8 million. The decision was made to protect users from further losses and to investigate the attack.
The Attack: Malicious Software on PyPI
The attack originated from a malicious software package published on the Python Package Index (PyPI), a package repository for the Python programming language. The package, masquerading as a legitimate Bittensor package, contained code designed to steal users’ unencrypted private keys. If a user downloaded the package and decrypted their cold keys, the decrypted keys were sent to a server controlled by the attacker, allowing the attacker to take control of the victim’s wallet.
The Aftermath: Bittensor’s Response
The Opentensor Foundation (OTF) removed the malicious package from the PyPI repository and announced its intention to resume normal operations after conducting a thorough code review examining “all other possible attack vectors.” The foundation is also in communication with PyPI’s maintainers to investigate the breach and prevent future incidents.
What’s Next for Bittensor Users?
The Opentensor Foundation urged users to upgrade to the latest version of Bittensor, and urged those who suspect their wallets were compromised to create a new wallet and transfer their funds once the network resumes operations.
Bittensor is an open-source protocol that powers a decentralized, blockchain-based machine-learning network.
Bittensor is among the largest AI-focused crypto projects, boasting a market cap of $1.5 billion, according to CoinGecko. The price of Bittensor’s TAO token tumbled more than 20% amid the turmoil, with the move accentuated by bearish momentum in the broader crypto markets.
Conclusion
The attack on Bittensor serves as a stark reminder of the importance of security in the crypto space. As the industry continues to evolve, it is crucial that developers and users alike remain vigilant and take necessary precautions to protect against malicious attacks.