- Bittensor has explained how $8 million worth of TAO tokens were stolen this week
- The loss was due to a malicious software package which was downloaded by users
- The team has halted the blockchain and plans stricter security measures to prevent future incidents
Blockchain company Bittensor has issued a post-mortem following a hack on user wallets that led to $8 million worth of TAO tokens stolen. The value of the TAO token dropped 15% after news of the hack broke on Tuesday, with the blockchain halted on Wednesday as the team tried to remedy the situation. The team put the source of the hack down to a malicious software package and plans to implement stricter security measures to prevent a repeat.
Malicious PyPi Software to Blame
Bittensor reported that its Opentensor blockchain network faced a serious cyber attack on Tuesday that affected many users within the Bittensor community. The team says that it took action to protect the system by placing its validators behind a firewall and activating a safe mode, a precautionary step necessary to stop all transactions and allow the team to assess and understand the extent of the breach.
Comprehensive post mortem and next stepshttps://t.co/wXoOngneuG
— Bittensor (@bittensorcom) July 3, 2024
The investigation revealed that the attack originated from a malicious software package available on the popular PyPi platform. This harmful package tricked users into downloading it, and once installed, it stole critical security keys, giving the attacker access to user wallets.
Crypto Exchanges to Assist in Recovery
The Opentensor team swiftly removed the malicious package and began a comprehensive review of their system to ensure no other vulnerabilities were present, but not before $8 million worth of tokens could be stolen. The team has also reached out to cryptocurrency exchanges to help trace and potentially recover the stolen funds.
In order to prevent a repeat, Opentensor plans implement stricter security measures, including more frequent external audits and enhanced monitoring of software uploads. It has promised to update the community again today and will hold a Q&A session to address any concerns and explain the steps being taken to enhance security.