Bittensor Network Security Breach: Founders Issue Detailed Community Update

Opentensor Foundation outlines attack details, mitigation measures, and next steps.

  • Bittensor founders provide a detailed update on the recent security breach.
  • Attack traced to a malicious PyPi package compromising multiple users.
  • Opentensor Foundation is reviewing code and removing vulnerabilities.
  • Exchanges are involved in tracing the attacker to recover stolen funds.
  • Normal operations will resume after thorough security assessments.

Following the recent security breach on the Bittensor network, the founders Jacob Steeves (Const), Ala Shaabana (ShibShib), and The Opentensor Foundation have issued a detailed community update.

- Advertisement -

The breach prompted the Foundation to place the network’s chain validators behind a firewall to protect users from further damage.

  • The attack began on July 2 at 7:06 PM UTC when an attacker started transferring funds from user wallets into their own.
  • By 7:25 PM UTC, OTF detected abnormal transfer volumes and initiated a war room.
  • By 7:41 PM UTC, safe mode was activated to halt all transactions and analyze the situation.

Investigation and Root Cause

A private detective

The attack was traced back to a malicious package in the PyPi Package Manager version 6.12.2.

This package disguised itself as a legitimate Bittensor package but contained code designed to steal unencrypted coldkey details.

When users downloaded this package and decrypted their coldkeys, the decrypted bytecode was sent to a server controlled by the attacker.

Participants likely affected by this attack include anyone using Bittensor 6.12.2 who performed operations such as staking, transferring, or delegating funds during the vulnerability window from May 22 to May 29.

Fortunately, the underlying Bittensor protocol and Subtensor code remain uncompromised and secure.

- Advertisement -

Immediate Mitigation Measures

In response to the attack, OTF swiftly removed the malicious package from the PyPi repository. The team is meticulously reviewing the Subtensor and Bittensor code on GitHub to ensure no other vulnerabilities exist.

Exchanges have been provided with details of the attack to help trace the attacker and potentially recover stolen funds. The Bittensor community has also rallied to support these efforts.

Normal operations will gradually resume once the code review is complete. OTF is balancing urgency with caution to ensure a safe and responsible approach. Regular progress updates will be provided to keep the community informed.

- Advertisement -

Precautionary Steps and Future Enhancements

OTF advises users who suspect their wallets were compromised to create new wallets and transfer their funds once normal operations resume.

Users are also encouraged to upgrade to the latest version of Bittensor using the command “pip install –upgrade bittensor.”

Moving forward, OTF is working with PyPi maintainers to investigate the breach and prevent future incidents.

The foundation plans to implement enhanced package verification processes, increase the frequency of security audits, and adopt best practices in public security policies. Enhanced monitoring and logging of package uploads and downloads will also be introduced.

Follow BITNEWSBOT on FacebookLinkedin, Twitter, and Google News for instant updates >

Conclusion

The recent security breach on the Bittensor network led to a temporary halt in transactions and a thorough security review.

Founders Jacob Steeves, Ala Shaabana, and The Opentensor Foundation have communicated the details of the incident and outlined the steps being taken to address it.

As the network resumes normal operations, the community will be kept informed through regular updates and a Q&A session.

This incident serves as a critical moment for the Bittensor project, highlighting the importance of robust security measures in the cryptocurrency space.

Previous Articles:

- Advertisement -

Latest News

Shopify, Coinbase Launch USDC Payments; Mastercard Expands Crypto Access

Shopify and Coinbase allow merchants to accept USDC stablecoin payments, making crypto transactions easier...

Coinbase Launches Wrapped ADA and LTC on Base, COIN Hits New High

Coinbase has introduced wrapped versions of Cardano (ADA) and Litecoin (LTC) on its Ethereum...

ClickFix Attacks Surge 517% in 2025, Fake CAPTCHAs Spread Malware

ClickFix attacks using fake CAPTCHA verifications have risen by 517% in early 2025, according...

FHFA Orders Fannie, Freddie to Consider Crypto as Mortgage Collateral

The U.S. Federal Housing Finance Agency ordered Fannie Mae and Freddie Mac to consider...

Retail Investors Can Now Buy Tokenized Shares of SpaceX via Blockchain

Retail investors can now buy blockchain-based fractional shares in SpaceX through Republic. These digital tokens...

Must Read

What Is the Dencun Upgrade for Ethereum?

The Dencun Upgrade for Ethereum is poised to revolutionize the blockchain landscape, offering improved scalability, efficiency, and groundbreaking features. Set to launch at the...