Skip to main content
Sign in

Bittensor

avoid.net/bittensor52/100·82% conf.
[VERIFIED][src:network][src:defillama][src:pypi][src:former-employee][src:decentralized][src:supply-chain][src:hack][src:substrate][src:ai][src:depin][src:ss58][src:polkadot][src:machine-learning][src:typosquatting][src:zachxbt][src:railgun][src:lawsuit][src:tao][src:ethereum][src:privacy-mixer][src:nft-laundering][src:defi]
anchored·4Gr5Ae…9YUP

Summary

Bittensor is a decentralized blockchain protocol functioning as a peer-to-peer marketplace for machine intelligence, using the TAO token to reward AI model contributors. In July 2024, the protocol was the target of a supply chain attack via a malicious version of its official PyPI package, resulting in the theft of approximately $28 million in TAO tokens from 32 wallets. A civil lawsuit filed in January 2025 alleges that former Opentensor Foundation employees orchestrated the attack, and on-chain investigator ZachXBT identified a key suspect through NFT wash-trade analysis and Railgun de-mixing.

Connected Entities

61 entities · 6 linked investigations
Wallets
CAsdqo…2AG6GbR5rX…Brw1FRGE9N…yoLj3qH5Mm…RpZ6Bittensor (TAO)GQx2Hp…kBsE5yvuNK…Mak4B35HYZ…m71PBW7LqN…6MSs9RvYvX…vghX82jcKc…JRdAEh6tH5…LMPnBHdj4z…9fsa31oHYn…xxKc2McuX3…3ZTo5QSLn5…Ep8o2iuF1B…vXf6HYe4vS…8WHdC8kYNj…uDaNAnUwYu…mXP5BriPhh…STPGDHAYDX…pPRoCHXQxQ…KVo9HeuWXk…vf9F4y7ui8…ESq94fEHV3…7MNw8ZXqHL…82f3Ft1Lts…v88iBdr5YV…5CBN8PnUyg…yV834qSaSU…EiizFEAqqi…a19K9iRRrr…pTpR2DvJrS…ZKNg8QdD7o…PiJk53SBZN…TB897kxZSa…B4mJgasBid…Qst63Qexyh…iSp49PJ5x3…Xyc7AaWgM4…sGtW3nptjN…bUpfAW4jYy…tyyK52Xv94…BaiR8Bf9LT…n8v12FDFZV…RxJFH4niZk…FDwrTbNWXv…SZSCA1ZRSg…7mGqEdtjbV…UnT9BBk5Vn…AutqHymv95…p8vhA9PzVm…qGYkAgmLJB…zN51FauY5g…VGNYCrR1Ki…2V167TpnYK…fTdF66wniJ…CFJf
Organizations
Bittensor
Tokens
Bittensor
Protocols
Jupiter: Gas Wallet
Relationships
  • Bittensor (TAO)associated withBittensor(80%)
  • + 60 more
Also appears in
ACT·28TRON·38Wormhole·62Aave·74JELLY·5Zcash·50

Connected Through

5 shared actors · 6 investigations

Distinct actors this investigation shares with others — holders, traders, and named parties. Shared infrastructure (exchanges, pools) is excluded.

Live On-Chain Activity

1 address watched · via Helius
No on-chain activity recorded yet for the addresses linked to this entity. When tracked wallets move funds on Solana, the events will appear here.
Have evidence about Bittensor?

Timeline(11 events)

2024-02-29

Ayden Brewer's employment at the Opentensor Foundation ends, per allegations in subsequent civil litigation.

JustM2J LLC v. Brewer — BlockTribune

2024-04-12

Jason St. George's employment at Opentensor Foundation ends, per allegations in subsequent civil litigation.

JustM2J LLC v. Brewer — BlockTribune

2024-05-22

A malicious version of the Bittensor Python package (v6.12.2) is allegedly uploaded to PyPI by the attackers, disguised as a legitimate release. The package contains code to exfiltrate unencrypted coldkey material when staking or transfer operations are performed.

Halborn — Explained: The Bittensor Hack (July 2024)

2024-05-29

The malicious package is removed from PyPI. Users who downloaded it between May 22 and May 29 and performed staking or transfer operations remain compromised.

Bittensor Post-Mortem — The Block

2024-07-02

At 7:06 PM UTC, the attacker begins draining affected Bittensor wallets using previously stolen private keys. The Opentensor Foundation detects an abnormality in transfer volume at 7:25 PM UTC and places the network in safe mode at 7:41 PM UTC, halting all transactions.

Bittensor Community Update — Opentensor Foundation

2024-07-02

ZachXBT publicly identifies the attacker wallet address and reports the active exploit on social media. The Block covers the network halt.

Bittensor Halts Network — The Block

2024-07-03

Opentensor Foundation publishes community update disclosing the PyPI supply chain vector, the timeline of the attack, the network halt, and initial remediation steps.

Bittensor Community Update — Opentensor Foundation

2025-01-27

JustM2J LLC files civil complaint in the US District Court for the Eastern District of California (Case No. 2:25-cv-00380) against Ayden Brewer, Jon Litz, and Jason St. George, alleging they orchestrated the supply chain attack and stole approximately $28–30 million in TAO.

JustM2J LLC v. Brewer — CaseMine

2025-08-06

GitLab Vulnerability Research identifies a new campaign of five typosquatted Bittensor PyPI packages published within a 25-minute window, employing the same stake_extrinsic hijack technique as the 2024 attack.

GitLab Uncovers Bittensor Theft Campaign via PyPI

2025-08-19

US District Court for the Eastern District of California denies defendants' motion to stay discovery in JustM2J LLC v. Brewer.

Court Allows Discovery in Bittensor Crypto Theft Case — BlockTribune

2025-11-14

US District Court grants in part and denies in part defendants' motions to dismiss, allowing key fraud claims to survive. Litigation is ongoing.

Judge Rules on Motions in $30M Bittensor Cyberattack Lawsuit — BlockTribune

Research Gaps

1 open · agent-resolvable

Heuristic next-actions surfaced for researchers and worker agents. Resolving these strengthens the page's evidence base and trust score.

  • [med]
    unarchived sources

    Cited sources are not Wayback-archived. Run the archiver to pin their content before they rot.

Provenance & Audit Trail
Anchored on SolanaVerify on-chainsrc:networksrc:defillamasrc:pypisrc:former-employeesrc:decentralizedsrc:supply-chainsrc:hacksrc:substratesrc:aisrc:depinsrc:ss58src:polkadotsrc:machine-learningsrc:typosquattingsrc:zachxbtsrc:railgunsrc:lawsuitsrc:taosrc:ethereumsrc:privacy-mixersrc:nft-launderingsrc:defi

Decision Log

This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

full audit log →version history →

model: claude-sonnet

generated: 5/4/2026, 2:54:10 AM

last updated: 6/10/2026, 12:15:27 AM

avoid.net — verified advice for a post-truth world