The cross-chain router protocol, Multichain, seems to have fallen victim to a significant exploit, with the estimated losses currently surpassing $126 million. The on-chain data reveals that crypto assets worth over $102 million were extracted from Multichain’s Fantom bridge contract on Ethereum. The withdrawn assets included $31 million in Wrapped Bitcoin (WBTC), $13.6 million in Wrapped Ether (WETH), and $58 million in USDC. The wallet address of the alleged exploiter held more than $126 million at the time of reporting.
The Unfolding of the Exploit
The exploit was identified by Peckshield, a blockchain security company. The potential hackers reportedly had a window of approximately three hours to block the exploit. The first indication of the exploit was a small transfer made on the Binance chain. The alleged hackers then began exploiting the ETH chain. The scale of the potential hack is enormous, with the theft amounting to around $126 million.
As the crypto community awaits further updates, the incident serves as a stark reminder of the potential vulnerabilities in the system. It underscores the need for robust security measures and the importance of constant vigilance in the rapidly evolving world of cryptocurrency.
Multichain’s Response and Security Firms’ Analysis of the Potential Exploit
The cross-chain router protocol, Multichain, seems to have fallen victim to a significant exploit, with the estimated losses currently surpassing $126 million. The on-chain data reveals that crypto assets worth over $102 million were extracted from Multichain’s Fantom bridge contract on Ethereum. The withdrawn assets included $31 million in Wrapped Bitcoin (WBTC), $13.6 million in Wrapped Ether (WETH), and $58 million in USDC. The wallet address of the alleged exploiter held more than $126 million at the time of reporting.
Multichain’s team, uncertain of the unfolding events, took to Twitter to advise users to halt all interactions with its services and revoke contract approvals for the time being.
Blockchain security firm SlowMist commented, “The activity seems to have ceased. However, considering multiple bridges have been drained, it appears more like a hack or a rugpull rather than a migration.”
SlowMist pointed out the initial suspicious transaction, which occurred at 4:21 pm UTC, where a mere $2 in USDC was withdrawn from the Multichain Fantom bridge. Two hours following this, the alleged hacker extracted $31 million WBTC, and an hour later, began draining the Multichain Moonriver bridge and the Multichain Dogechain bridge.
Blockchain security firm Certik, which had audited Multichain twice without identifying any critical issues with its codebase, stated, “This exploit seems to be the consequence of a private key compromise, and as such, it falls outside the purview of the audits we conducted.”
Recommended posts
You might also like
More from Altcoin
Source: https://cryptoticker.io/en/breaking-news-multichain-compromised/