Ahmad Shadid, the CEO of Io.net, has revealed specifics of a Sybil assault on the network while highlighting the steps the organization is doing to strengthen security.
Shadid's postmortem, which was shared on social media, claims that the attackers used weaknesses to pretend that a GPU was available and to get incentives from the Solana-based decentralized computing network.
The CEO of Io.net Considers the Takeaways from the Latest Attack
Io.net's team carried out a comprehensive investigation after learning about the April 27 Sybil assault to find out how the attackers were able to take advantage of the network.
About 1.8 million fictitious GPUs were attempting to join to the network when an unexpected spike in GPU connections was seen, sparking the start of the issue.
Shadid stated, "We worked to remove Sybil attackers from the network over the last 120 hours, deploy multiple security patches, and implement a new security model to prevent future incidents." "I worked very closely with the team during this time."
By using a flaw in the way authentic GPU signals were conveyed, the attackers were able to imitate such signals and trick the network into thinking they were real.
Shadid said, "Like many startups, we move fast and sometimes we break things." "Someone or some group tried to take advantage of the fact that something broke in this instance."
Shadid reported that Io.net experienced an exponential rise in GPU connections after their fundraising and reward campaign launched in March. These looked normal at first, with persistent clustering.
But its infrastructure was unable to keep up with the quick expansion, so the team was unprepared and unable to identify fundamental problems.
"I learned a painful lesson from this attack," declared the CEO. "I'm sorry to the community for letting that take place. Our team accepts the majority of the criticism that we have received since it is reasonable."
Putting in Place Increased Security and Openness Measures
The organization is proactively putting a number of security measures into place and working to rebuild trust.
First off, Io.net is improving the UI's transparency and clarity. On its dashboard, the network now shows three important metrics: the total number of GPUs and CPUs connected, the confirmed GPUs and CPUs that have completed the Proof of Work procedure, etc.
As part of their commitment to openness, the technical team will shortly release a list of known problems, which will include ongoing bugs and required upgrades, so that the public is kept aware.
The business team is also organizing a network reboot, with a focus on expeditiously restoring the network's operating capacity and fortifying supplier connections.
April 2024, Cryptoniteuae