Multichain Bridge has been the victim of a new hack worth an estimated $126 million, mainly with cryptocurrencies from Fantom (FTM). The origin of the theft remains unknown, and the Multichain team says it is working to shed light on the situation while its CEO has remained unaccounted for for over a month now.
Multichain victim of a new $126 million hack
The Multichain bridge has been the victim of a new hack, this time for an amount currently estimated at 126 million dollars. Various security firms have reported the incident, including PeckShield, BlockSec and CertiK.
The hacker’s first transaction turned out to be a simple transfer of 2 USDC from Fantom (FTM), 2 hours before he withdrew 1,023 WBTC, again from Fantom. About an hour later, the hacker also transferred funds from the Dogechain and Moonriver networks via the Multichain bridge
Summary of the funds transferred by the hacker, via @tayvano_
The cryptocurrencies stolen by the hacker are mainly USDC and USDT stablecoins, as well as WBTC, ICE, UNIDX, DAI, LINK, WOO, YFI, CRV and WETH. The stolen tokens were distributed across 6 different wallets.
Changpeng Zhao, CEO of Binance, took to Twitter to say that “it appears that a new hack has taken place on Multichain” and that this “does not affect Binance users”.
However, it has now been a while since the funds stolen by the hacker were moved from wallets to other addresses or possibly cryptocurrency blending protocols such as Tornado Cash, leading some observers to consider the possibility of a hack committed by a white hat.
Mystery surrounds Multichain
Multichain issued an evasive statement on Twitter to inform its users that the origin of the hack remained unknown, and that they were advised to revoke their authorisations on all smart contracts linked to the bridge.
The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally.
The team is not sure what happened and is currently investigating.It is recommended that all users suspend the use of Multichain services and revoke all contract approvals…
– Multichain (Previously Anyswap) (@MultichainOrg) July 6, 2023
The assets locked to the Multichain MPC address have been moved to an unknown address in an abnormal manner. The team is not sure what happened and is investigating. All users are advised to suspend use of Multichain services and revoke all contract approvals related to Multichain. “
Some analysts have revealed that, given the process used, it would appear that the transfers were made by someone in possession of the private key(s) controlling the Multichain wallet. For its part, Fantom was keen to clarify the situation, stating that “for the avoidance of doubt, FTM was never issued or managed by Multichain, so [the tokens] wFTM, FTM ERC-20, and FTM on [the blockchain] Opera are not affected.”
Multichain’s services had already been disrupted at the end of May, when the protocol’s CEO, Zhaojun, was declared missing.
According to PeckShield, this is the 6th largest hack involving a cryptocurrency bridge. Over the past 3 years, approximately $1.92 billion has been stolen through cross-chain bridges
