$8M theft forces Bittensor network shutdown

Avatar

Bittensor was forced to halt its network activity on July 3 following a series of wallet drains that stole at least $8 million worth of digital assets.

The network outage aiming to contain the exploit was announced by Ala Shaabana, the co-founder of Bittensor, in a July 3 X post:

“By way of an update, we have contained the attack and put the chain into safe mode (blocks producing but no transactions are permitted). We’re still mid-investigation and are considering all possibilities.”

Hacks and exploits remain one of the most pressing concerns for the crypto space that are delaying mass adoption. The crypto industry suffered nearly $19 billion worth of theft in the past 13 years across 785 reported crypto hacks.

Related: UwU Lend hit by $20M crypto hack

Attacker steals at least $8 million worth of TAO via potential private key leak

The theft was first discovered by pseudonymous onchain investigator ZachXBT in a July 3 Telegram message. He wrote:

“Bittensor was halted due to additional thefts earlier today potentially as a result of private key leakage.”

The unknown address ‘5FbW’ was exploited to obtain 32,000 Bittensor (TAO) tokens, worth approximately $8 million.

This latest attack comes a month after a different wallet was drained for $11.2 million worth of TAO tokens on June 1, according to ZachXBT.

TAO $11M wallet drain. Source: ZachXBT

Related: CoinGecko confirms email provider data breach, over 23,000 phishing emails sent

Private key leaks surpass smart contract thefts

While smart contract vulnerabilities previously accounted for the lion’s share of hacked funds, private key leaks have surpassed smart contract-related attacks.

Over 55% of the hacked digital assets were lost to private key leaks during 2023, according to Merkle Science’s “2024 Crypto HackHub Report” report.

Crypto total losses by vulnerabilities. Source: Merkle Science

This is partly because hackers are vying for easier targets, according to Mriganka Pattnaik, co-founder and CEO of crypto risk and intelligence platform Merkle Science.

Pattnaik told Cointelegraph:

“While smart contract vulnerabilities remain a concern, hackers increasingly target areas outside smart contracts, like private key leaks. These leaks, often due to phishing attacks or insecure storage practices, have led to significant losses.”

Meanwhile, hacked funds lost to smart contract vulnerabilities fell 92% to $179 million in 2023, down from a staggering $2.6 billion in 2022.

Magazine: VanEck files for Solana ETF, Ether supply inflates, and more: Hodler’s Digest, June 23–29