Solana’s popular AI + DePIN project, io.net, was attacked by hacker @ledrog123 before the airdrop, resulting in the tampering of frontend data on the official website, causing widespread panic in the community. The io.net team responded by stating that the hacker did not access any sensitive user data or GPU resources, and announced a delay in the airdrop.
(Timeline:
io.net releases token economic model, gaining attention for the AI + DePIN project
)
(Background:
io.net research report: DePIN model solves GPU resource dilemma, opening a new era for AI applications?
)
Table of Contents:
1. io.net frontend hacked
2. Immediate actions taken by the official team
3. TGE postponed until after April 28th
io.net, the “AI + DePIN” project within the Solana ecosystem, has attracted market attention since its launch. Recently, it has become the center of community discussion due to the release of its token economic model on the 16th, the opening of user query points on the 22nd, and the announcement of the airdrop of its native token $IO on the 28th.
However, last night (25th), according to feedback from multiple community members, the io.net website experienced a malfunction, suspected to be the result of a hack by @ledrog123. This caused panic in the community, with concerns of their computers being controlled by hackers.
In response to this, Dwei, the Chinese ambassador of io.net, was the first to state that the hacker could only change the private names of users’ devices, and no new containers were running on the machines. The official team is currently working to salvage the situation and expects to restore normalcy within a few minutes. However, as of the deadline, the frontend has not yet been successfully recovered.
Subsequently, Ahmad Shadid, CEO and founder of io.net, provided an explanation on X:
Ahmad Shadid emphasized that they do not collect any personal identity information, and no sensitive user or device data has been leaked. The io.net system is designed with self-healing capabilities, continually updating each device to help restore any erroneously changed metadata.
In light of this attack, Ahmad Shadid stated that the integration of OKTA’s user-level identity verification system would be expedited and completed within the next 6 hours. Additionally, io.net will introduce Auth0 Token for user authentication to prevent unauthorized changes to metadata.
During the database recovery period, users will temporarily be unable to log in. All normal runtime records remain unaffected, and this will not impact user reward calculations. Users can continue to run workers, and io.net will soon request users to restart for security updates while providing a detailed report on this incident.
Regarding the reason behind the hacker’s attack, Ahmad Shadid stated that it was because io.net implemented a proof-of-work system to detect and remove any fake GPUs, which angered the hackers and prompted them to attack users with genuine devices. However, the exact motive is currently unknown.
This attack has affected the highly anticipated $IO airdrop participants. The official io.net Telegram administrator stated that the TGE (Token Generation Event) for $IO will be rescheduled for after April 28th. The exchange has requested a delay, and further detailed information regarding token issuance timing and methods will be provided.
At the same time, the official team emphasized that they do not conduct any private or presale activities and warned against potential scams. They are currently awaiting final confirmation of the date and hope to launch as soon as possible.
io.net TG
Related Reports
Commentary: Why AI + DePIN will be the main bullish wave of this round?
a16z releases 2024 narrative list, taking stock of concepts and related protocols
An overview of 6 AI encryption projects worth paying attention to in the Solana ecosystem