The Multichain bridge has been the victim of a new hack worth an estimated $126 million, mainly with cryptocurrencies from Fantom (FTM). The origin of the theft remains unknown, and the Multichain team assures that it is working to clarify the situation while its CEO has not been found for more than a month now.
Multichain victim of a new $126 million hack
The Multichain bridge has been the victim of a new hack, this time for a sum currently estimated at 126 million dollars. Various security firms have reported the incident, such as PeckShield, BlockSec or CertiK.
The hacker’s first transaction turns out to be a simple transfer of 2 USDC from Fantom (FTM), 2 hours before the latter withdraws 1,023 WBTC, still from Fantom. About an hour later, the hacker also transferred funds from the Dogechain and Moonriver networks through the Multichain bridge.
Summary of funds transferred by the hacker, via @tayvano_
The cryptocurrencies stolen by the hacker mainly consist of USDC and USDT stablecoins, as well as WBTC, ICE, UNIDX, DAI, LINK, WOO, YFI, CRV and WETH. The stolen tokens here were distributed through 6 different wallets.
Changpeng Zhao, CEO of Binance, took to Twitter to say, “ it looks like a new hack has taken place on Multichain » and that « does not affect Binance users “.
However, it has been a while since the funds stolen by the hacker have been moved from wallets to other addresses or possibly cryptocurrency mixing protocols such as Tornado Cash, which has led some observers to consider the possibility of a hack committed by a white hat.
👉 Browse Web3 safely with ZenGo Wallet
Discover ZenGo
$10 Bitcoin bonus from $200 deposit 🔥
The mystery surrounds Multichain
Multichain issued an evasive statement on Twitter to inform its users that the origin of the hack remained unknown, and that they were advised to revoke their authorizations on all smart contracts related to the bridge.
The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally.
The team is not sure what happened and is currently investigating.It is recommended that all users suspend the use of Multichain services and revoke all contract approvals…
— Multichain (Previously Anyswap) (@MultichainOrg) July 6, 2023
“Assets locked to the Multichain MPC address have been abnormally moved to an unknown address. The team isn’t sure what happened and is investigating. It is recommended that all users suspend the use of Multichain services and revoke all contract approvals related to Multichain. »
Some analysts have revealed that given the process used, it would appear that the transfers were made by someone in possession of the private key(s) controlling the Multichain wallet. For its part, Fantom wanted to clarify the situation, indicating that ” for the avoidance of doubt, FTM was never issued or managed by Multichain, so [les tokens] wFTM, FTM ERC-20, and FTM on [la blockchain] Opera are not affected. »
Multichain’s services had already been disrupted at the end of May, when the protocol’s CEO, Zhaojun, was reported missing.
According to PeckShield, this is the 6th biggest hack on a cryptocurrency bridge. Over the last 3 years, approximately $1.92 billion was stolen through cross-chain bridges.
👉 On the same subject – Attacks in cryptos exploded in the second quarter of 2023
The best way to secure your cryptocurrencies?
? Buy, trade, grow and manage over 5,500 cryptos
Newsletter 🍞
Receive a summary of crypto news every Monday by email 👌
What you need to know about affiliate links. This page may feature investment-related assets, products or services. Some links in this article may be affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky in nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of this savings. Do not invest if you are not ready to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.