Bittensor Identifies Malicious Package as Cause of $8 Million Drain

Hassan Shittu

Bittensor, a decentralized AI network, experienced a severe security breach on July 2, which resulted in the theft of $8 million worth of TAO tokens.

The OpenTensor Foundation (OTF), the organization behind Bittensor, has taken swift action to mitigate the damage. In its July 3 postmortem report, the OTF identified a malicious package on PyPI, the Python package index, as the root cause of the breach.

Bittensor Wallet Loses $8 Million in TAO Tokens Due to Malicious Package: How?

The compromised package masqueraded as a legitimate Bittensor library but contained code designed to steal unencrypted cold key details, sending the decrypted bytecode to a remote server controlled by the attacker.

The attack began at 7:06 P.M. UTC, with the attacker transferring funds from compromised wallets to their own. By 7:25 P.M., OTF detected abnormal transfer volumes and initiated a “war room” to address the issue.

By 7:41 P.M., validators were placed behind a firewall, and the network entered “safe mode,” halting all transactions to prevent further damage and allowing for a detailed situational analysis.

The breach affected users who downloaded version 6.12.2 of the package from PyPI between May 22 and May 29 and performed specific operations such as staking, wallet transfers, or delegation.

Following the discovery, OTF quickly removed the malicious package from the PyPI repository and thoroughly reviewed the Subtensor and Bittensor code on GitHub. No other vulnerabilities were identified, but the team continues to assess the code base and investigate potential attack vectors.

OTF is also collaborating with several exchanges to trace the attacker and potentially recover stolen funds.

According to OTF, affected users can create new wallets and transfer funds once normal operations resume. Upgrading to the latest version of Bittensor is strongly recommended.
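The exposure criteria above can be checked against local Python environments. The following is an added example, not code from OTF or from the article. The distribution name `bittensor`, the use of the `.dist-info` directory's modification time as an install date, and the `year` argument are assumptions, since the article gives only the version and the May 22 to May 29 window.

```python
import re
import sys
from datetime import date, datetime, timezone
from pathlib import Path

AFFECTED_NAME = "bittensor"   # assumption: distribution name; the article only says "Bittensor library"
AFFECTED_VERSION = "6.12.2"   # version named in the article


def read_metadata(dist_info: Path) -> dict:
    """Return the Name and Version headers from <pkg>.dist-info/METADATA."""
    fields = {}
    for line in (dist_info / "METADATA").read_text(errors="replace").splitlines():
        if not line.strip():
            break  # headers end at the first blank line
        key, _, value = line.partition(":")
        if key in ("Name", "Version"):
            fields[key] = value.strip()
    return fields


def find_affected(roots, year):
    """List installs of the affected version under the given site-packages roots.

    `year` is supplied by the caller because the article gives only May 22 to May 29.
    The install date is approximated by the dist-info directory's mtime (assumption).
    """
    start, end = date(year, 5, 22), date(year, 5, 29)
    hits = []
    for root in roots:
        for dist_info in sorted(Path(root).rglob("*.dist-info")):
            if not (dist_info / "METADATA").is_file():
                continue
            meta = read_metadata(dist_info)
            name = re.sub(r"[-_.]+", "-", meta.get("Name", "")).lower()
            if name != AFFECTED_NAME or meta.get("Version") != AFFECTED_VERSION:
                continue
            mtime = datetime.fromtimestamp(dist_info.stat().st_mtime, timezone.utc)
            hits.append({"path": str(dist_info), "installed": mtime.date(),
                         "in_window": start <= mtime.date() <= end})
    return hits


if __name__ == "__main__":
    year = int(sys.argv[1])  # year of the incident, passed on the command line
    for hit in find_affected([p for p in sys.path if Path(p).is_dir()], year):
        flag = "INSTALLED IN WINDOW" if hit["in_window"] else "affected version present"
        print(f'{hit["path"]}  installed {hit["installed"]}  {flag}')
```

A match only shows that the affected version is present. Whether a wallet was exposed also depends on whether staking, transfer or delegation operations were run with it, as the article notes.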

Additionally, OTF has pledged to provide regular updates to the community and is implementing enhanced security measures to prevent future incidents.

“In the immediate term, we are working with the PyPi maintainers to investigate this breach and prevent future such incidents,” OTF said in the report.

Bittensor To Implement Enhanced Security Measures

The security breach has impacted the Bittensor community and led to a 15% decline in TAO’s price.

TAO weekly chart. Source: CoinMarketCap

Despite this, some validators reported that their delegators’ funds were secure. The community has actively supported mitigation efforts, with many participants working tirelessly alongside OTF.

In the postmortem report, OTF co-founder Ala Shaabana assured that the attack had been contained and that the team was investigating all possibilities.

“Finally, and for completeness and clarity, this attack DID NOT affect the blockchain or Subtensor code, and the underlying Bittensor protocol remains uncompromised and secure,” Shaabana said.

Bittensor has also announced that it is implementing enhanced security measures to prevent future exploits. OTF will provide another comprehensive update within 24 hours and hold a Q&A session to address any lingering questions or concerns from the community.
