Io.net CEO Ahmad Shadid recently disclosed details of a Sybil attack on the network, emphasizing the company’s measures to bolster security.
According to a postmortem Shadid published on social media, the attackers exploited vulnerabilities to spoof GPU availability and receive rewards of the decentralized computing network based on Solana.
Io.net CEO Reflects on Lessons Learned from Recent Attack
Following the discovery of the April 27 Sybil attack, Io.net’s team conducted a thorough analysis to understand how the attackers were able to exploit the network.
The incident began when an unexpected surge in GPU connections was noticed, with approximately 1.8 million fake GPUs trying to connect to the network.
“Over the last 120 hours, we worked to expel sybil attackers from the network, roll out multiple security patches, and put in place a new security model to prevent future incidents,” said Shadid. “During this time, I worked very closely with the team.”
Postmortem on 4/27 Incident Report$IO Nation,
Over the last 120 hours, we worked to expel sybil attackers from the network, roll out multiple security patches, and put in place a new security model to prevent future incidents. The network infrastructure is now fully…
— SHADID | $IO™ (@shadid_io) April 28, 2024
The attackers had exploited a vulnerability that allowed them to mimic the signals sent by genuine GPUs, thus fooling the network into recognizing them as legitimate.
“Like many startups, we move fast, and sometimes we break things,” stated Shadid. “In this case, something broke, and someone or some group sought to exploit that.”
Shadid noted that following the launch of their fundraising and incentives program in March, Io.net saw an exponential increase in GPU connections. Initially, these appeared normal with stable clustering and valid heartbeats.
However, the rapid growth overwhelmed their infrastructure, leaving the team unprepared and unable to detect underlying vulnerabilities.
“This attack was a painful lesson for me,” said the CEO. “I apologize to the community for allowing it to happen. Much of the criticism we’ve received is reasonable and our team takes it in stride.”
Implementing Enhanced Security and Transparency Measures
The company is actively implementing a series of measures to strengthen network security and restore confidence.
Firstly, Io.net is enhancing the clarity and transparency of its user interface. The network now displays three key metrics on its dashboard: total GPUs/CPUs connected, verified GPUs/CPUs that have passed the Proof of Work process, etc.
The technology team is also committed to transparency and will soon publish a list of known issues to keep the public informed, including ongoing bugs and necessary updates.
Lastly, the business team is coordinating a network reboot, which prioritizes strengthening supplier relationships and quickly restoring the network’s operational capacity.