Multichain under fire from users as hacking losses grow to $3M

Published at: Jan. 20, 2022

Hackers have continued to exploit a critical vulnerability in the cross-chain router protocol (CRP) Multichain that first appeared on Jan 17.

Earlier this week, Multichain urged users to revoke approvals for six tokens to protect their assets from being exploited by malicious individuals.

However Multichain's announcement on Jan. 17 encouraged more hackers to try the exploit. One stole $1.43 million, another offered to return 80% while keeping the rest as a tip. According to Tal Be’ery, the co-founder of the ZenGo wallet, the stolen amount has now risen to $3 million.

The @MultichainOrg hack is far from being over.Over the last hours more than additional $1M stolen, rising the total stolen amount to $3M.One victim lost $960K!https://t.co/fYhYxUojB8 pic.twitter.com/Gvh5hB6t6s

— Tal Be'ery (@TalBeerySec) January 19, 2022

Six supported tokens are still subject to the security vulnerability including WETH, PERI, OMT, WBNB, MATIC, and AVAX.

Users have accused the company on social media of not providing them with clear enough information or support regarding the situation. One user who lost $960k offered 50 ETH to the hacker’s address in return for the remaining funds.

The company claimed on Jan.17 that the critical vulnerability affecting the six tokens had been reported and fixed on Jan. 17, but on Jan. 19 it again reminded users to revoke approvals of the tokens. Multichain has since turned off the comments on its recent tweets.

Crypto Twitter figure “ChainLinkGod” said that he was “incredibly confused” by the platform’s message, while “drarreg17” asked Multichain what it was going to do to “compensate users like myself who were affected by the exploits?”

I can’t be the only one who’s incredibly confused by @MultichainOrg’s messaging here Schrodinger‘s funds, both safe and unsafe at the same time pic.twitter.com/AW8s8aAhHk

— ChainLinkGod.eth 2.0 (@ChainLinkGod) January 19, 2022

Related: Multichain asks users to revoke approvals amid ‘critical vulnerability’

Unhappy users posting in the company’s Telegram group today complain  Multichain has not been able to resolve the security vulnerability yet, nor has it been able to provide its users with the support they seek.

Seems like @MultichainOrg reached out to the attackers offering them "bounty" (or in other words, actually paying ransom)https://t.co/DzUGUF3vX0 https://t.co/iKLh0HCBXG pic.twitter.com/yC3QEeiZhJ

— Tal Be'ery (@TalBeerySec) January 18, 2022

According to Be’ery, the company reached out to the original address that has been holding over 450 ETH ($1.43 million) in stolen funds since Jan. 18 and offered the hacker or hackers a bug “bounty for exploits.”

Multichain (formerly Anyswap) envisions being the ultimate router for Web 3.0. The ecosystem supports 30 chains, including Bitcoin (BTC), Avalanche (AVAX), Ethereum (ETH), Fantom (FTM), Litecoin (LTC), and Terra (LUNA), and offers no-slippage swapping.

With nearly $9 billion in TVL, it is unclear when and how Multichain will sort the situation. Cointelegraph has contacted the project for comment.

Tags
Related Posts
Multichain hacker returns 322 ETH, keeps hefty finders fee
In a dramatic twist, one of this week’s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and one of the affected users. However the hacker kept 62 ETH ($187,000) as a “bug bounty”, and a total of 528 ETH (worth $1.6M) remains outstanding after the exploits. Earlier this week, news emerged of a security vulnerability with Multichain relating to the tokens WETH, PERI, OMT, WBNB, MATIC, and AVAX, and $1.43 million was stolen. Multichain announced on Jan. 17 the critical vulnerability had been “reported and fixed.” However, publicity about the vulnerability …
Blockchain / Jan. 21, 2022
Ethereum fees declining as DeFi markets cool
The DeFi bubble seems to be slowing down in the last months of 202, with fees and confirmation times retreating back to less formidable levels. "ETH fees are way down suggesting the DeFi madness has abated for now," Josh Olszewicz, also known as CarpeNoctom on Twitter, told Cointelegraph. "DeFi cooling off, BTC HR [hash rate] way down (-16% difficult adjustment)," he also said, referring to the situation on Bitcoin's (BTC) network. Bitcoin's network action, however, is not related to the drop in Ethereum fees, based on Olszewicz's opinion. "Just happens to correlate," he explained. Bitcoin's hash rate suffered a recent …
Blockchain / Nov. 4, 2020
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
Ethereum scaling network Arbitrum set for major upgrade on Aug. 31
Ethereum layer-2 scaling solution Arbitrum is set to undergo one of its most significant upgrades on Wednesday, set to increase transaction throughput, slash transaction fees and simplify cross-chain communication between Arbitrum and Ethereum. Referred to as the “Nitro” upgrade, Arbitrum reconfirmed the date of the upgrade in a Twitter post on Aug. 29, confirming that the upgrade will take effect on Aug. 31 at 10:30 AM Eastern Time, while noting a two to four hours of network downtime period is to be expected. Reminder — Arbitrum One is upgrading to Nitro on Wednesday 8/31. There will be 2-4 hours of …
Adoption / Aug. 30, 2022