Multichain services stopped after $126 million hack

July 8, 2023

In a shocking turn of events, the blockchain platform, Multichain, fell to an exploit that resulted in the loss of $126 million worth of assets. The incident sent yet another shockwaves through the cryptocurrency community.

Moved to an unknown address abnormally

Announcing the hack on Twitter, the Multichain team wrote,

“The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally. The team is not sure what happened and is currently investigating. It is recommended that all users suspend the use of Multichain services and revoke all contract approvals related to Multichain.”

The exploit targeted the Multichain Fantom Bridge, a crucial component of the platform’s infrastructure. The perpetrators managed to transfer assets valued at $118 million out of the bridge, leaving MultichainOrg and the crypto community in yet another shock.

DAI, LINK, USDT, USDC and wBTC moved by hacker

Among the tokens that were siphoned off were popular cryptocurrencies such as DAI, LINK, and USDT, with a combined value of $16 million. These tokens were sent to the address 0x9d57.

On-chain investigators are still puzzled as they try to trace the origin and identity behind this mysterious address.

That was not all. The exploit also involved significant transfers of funds. $27.6 million worth of USDT was redirected to address 0x027F, while an additional $30 million worth of USDC found its way to address 0xefeef. These transactions further deepened the mystery surrounding the mastermind behind this audacious attack.

PeckShieldAlert, a cybersecurity firm specializing in blockchain technology, gave a brief update on what happened during the hack, though a comprehensive report has yet to be released. The community is hoping that these details will be out soon.

The report said that 1,023 wBTC tokens, equivalent to $30.9 million, were also part of this heist. The sheer scale and complexity of these transfers left experts astounded and raised questions about the security measures in place within Multichain Organization.

Users told to revoke pending contract approvals on Multichain

As the news spread across social media and the cryptocurrency community, MultichainOrg’s leadership team halted activities on the blockchain. The latest release by the company advised against the use of the Multichain platform. The release said,

“The Multichain service has stopped currently, and all bridge transactions will be stuck on the source chains. There is no confirmed resume time. Please don’t use the Multichain bridging service now.”

The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally.
The team is not sure what happened and is currently investigating.

It is recommended that all users suspend the use of Multichain services and revoke all contract approvals…

— Multichain (Previously Anyswap) (@MultichainOrg) July 6, 2023

As the investigation unfolded, tensions ran high, and the cryptocurrency community anxiously awaited justice. The exploit served as a stark reminder of the ever-present risks and vulnerabilities in the world of blockchain technology. It was a wake-up call for Multichain and other platforms to bolster their security measures and protect their users’ assets from future attacks.