Io.net CEO Ahmad Shadid has recently provided a detailed account of a Sybil attack on the network, highlighting the company’s efforts to enhance security measures.
In a post on social media, Shadid revealed that the attackers took advantage of vulnerabilities to manipulate GPU availability and gain rewards from the decentralized computing network based on Solana.
Reflecting on the lessons learned from the recent attack, Io.net’s team conducted a comprehensive analysis to understand how the attackers were able to exploit the network.
The incident began when an unexpected surge in GPU connections was observed, with approximately 1.8 million fake GPUs attempting to connect to the network.
“Over the past 120 hours, we have worked diligently to remove the sybil attackers from the network, implement multiple security patches, and establish a new security framework to prevent future incidents,” said Shadid. “During this time, I have closely collaborated with the team.”
The attackers exploited a vulnerability that allowed them to mimic the signals sent by legitimate GPUs, deceiving the network into recognizing them as genuine.
“As with many startups, we operate at a fast pace, and sometimes things break,” Shadid acknowledged. “In this case, something broke, and someone or a group sought to exploit it.”
Shadid noted that after launching their fundraising and incentives program in March, Io.net experienced a significant increase in GPU connections. Initially, these connections appeared normal, with stable clustering and valid heartbeats.
However, the rapid growth overwhelmed their infrastructure, leaving the team unprepared and unable to identify underlying vulnerabilities.
“This attack has been a painful lesson for me,” the CEO admitted. “I apologize to the community for allowing it to occur. Much of the criticism we have received is valid, and our team accepts it gracefully.”
To strengthen network security and regain trust, Io.net is implementing a series of measures. Firstly, they are enhancing the clarity and transparency of their user interface. The dashboard now displays three key metrics, including total GPUs/CPUs connected and verified GPUs/CPUs that have passed the Proof of Work process.
The technology team is also committed to transparency and will soon release a list of known issues to keep the public informed, including ongoing bugs and necessary updates.
Lastly, the business team is coordinating a network reboot, prioritizing the strengthening of supplier relationships and the rapid restoration of the network’s operational capacity.
Stay updated with the latest news by following us on Google News.