Ahmad Shadid, the head of the DePIN protocol project io.net, announced the blocking of actions by a group of individuals attempting to gain unauthorized access to user data and graphics processing unit (GPU) models. Shadid presented a detailed analysis of the security incident faced by the developers.
Postmortem on 4/27 Incident Report$IO Nation,
Over the last 120 hours, we worked to expel sybil attackers from the network, roll out multiple security patches, and put in place a new security model to prevent future incidents. The network infrastructure is now fully…
— SHADID | $IO™ (@shadid_io) April 28, 2024
He mentioned that the project team consists of over 100 individuals working on creating a decentralized computing network. The product is expected to address various computational access issues.
The CEO of io.net noted that due to the rapid development of the network infrastructure, a vulnerability emerged, which was exploited by unknown actors:
“As we worked through infrastructure stability, we began to suspect that there were groups of bad actors who were using various tactics to spoof workers on the network – this is a sybil attack (falsifying nodes in a network). […] The community began reporting these same bad actors selling virtualized GPUs and other services intended to fake GPUs in the network to farm our rewards program, which confirmed our suspicions but also revealed the scale of the abuse. Ten days ago, we saw an enormous spike of ~1.8M fake GPUs attempting to connect to the network, and our team prioritized identifying and blocking these devices.”
The Sybil attack poses a security threat where a hacker launches a network node and creates numerous different identifiers to spread or falsify data, gaining control over the blockchain.
Previously, one of the protocol users, Martin Shkreli, noticed an unusually high number of graphics processing units available on io.net.
How many GPUs does @ionet have?
Four answers:
1) 7648 (when trying to deploy)
2) 11107 (hand counted from their explorer)
3) 69415 (inexplicable # that doesnt change?)
4) 564306 (zero support, transparency or substance here. not even coreweave or AWS has this many btw)i think… pic.twitter.com/aAKj17Bhks
— Martin Shkreli (e/acc) (@MartinShkreli) April 27, 2024
Ahmad Shadid assured that the team has prioritized identifying and blocking such devices. He confirmed the stable operation of the network infrastructure and announced the launch of an airdrop:
“We are launching a second rewards program for suppliers running May 1st to May 30th, and I encourage any suppliers to reach out and talk to our team. We are here to help and answer questions. We are still on track to launch IO Cloud v2 and $IO Coin – we will not let these bumps in the road slow us down.“