Whitehat hacker hits multichain protocol, returns 259 ETH

TL;DR Breakdown

• White hat hackers hit Multichain protocol.
• Hack followed report that users could be exploited, Hackers swamped the platform.
• White Hat hacker broke in to ensure funds were kept safe.

A white-hat hacker has returned 259 Ethereum (around $900,000) after draining the coffers of Multichain users.

Multichain is a cross-chain router protocol that bridges users between thirty different blockchains, including Bitcoin, Ethereum, and Terra.

The users of cross-chain protocol lashed out over an unsolved security vulnerability that appeared earlier this week and the platform’s failure to act. Later on, though, Multichain revealed that one white-hat hacker returned 259 ETH, worth approximately $813,000.

How Multichain exploit all began

Earlier this week, Multichain, a platform that allows users to swap tokens between blockchains previously known as Anyswap, announced in a blog post that users needed to remove smart contract approvals to six tokens that were vulnerable to hackers.

The announcement backfired and tipped off multiple hackers, who immediately started draining funds from the vulnerable accounts. As of Wednesday afternoon, hackers had stolen more than $3 million, according to Tal Be’ery, a cybersecurity researcher who has been tracking the hack since the beginning.

One of those hackers turned out to be a self-styled good guy, however, positioning their own $1.2 million theft from multiple victims as a defensive hack and offering to return most of the funds.

Negotiations happened on the blockchain itself, with the “white hat” hacker and victims, as well as the company itself, swapping messages in Ethereum transactions. A day later, the so-called white hat returned more than $800,000, according to a transaction on the blockchain spotted by Be’ery.