And it was the only available to transfer funds to/from Fantom before modern omnichain solutions such as LayerZero came. So what happened?
Multichain Produced Fantom’s Debable?
On July 6, 2023, cross-chain bridge protocol Multichain experienced unusually large, unauthorized withdrawals. In what appears to be a hack or rug pull by insiders.
With over $125 million worth of cryptocurrencies withdrawn from multiple wallets, it affected the Ethereum side of Fantom, Moonriver, and Dogechain bridges. (These withdrawals represented the majority of funds held on each bridge).
Chainalysis believes the exploit may have resulted from compromised administrator keys, which some suggest means it could have been an “inside job.”
Another $103M has been transferred from #MultiChain to the 0x1eed63efba5f81d95bfe37d82c8e736b974f477b address.
Total transfer from Fantom, Arbitrum, Optimism, Cronos, Polygon, Avaleanche, BNB chain, Moonbeam, Ethereum:
: $23,999,250: $29,657,932 : $2,139,053… https://t.co/K7XL55uOMS
— Beosin Alert (@BeosinAlert) July 11, 2023
On July 11, another $103 million in crypto was moved to various blockchain addresses, security firm Beosin reported
How the Hack Happened?
Multichain was storing all shards of its private keys in a “cloud server account” under the sole control of its CEO. This cloud server account was later accessed by someone and used to drain funds from the protocol.
Blockchain security firm Peck Shield that the stolen funds included several stablecoins, including USDC, DAI, and tokens like Link, wBTC, and wETH.
#PeckShieldAlert@MultichainOrg was exploited for ~$126M
Assets valued at ~$118M were transferred out of the #Multichain bridge.
Specifically, tokens worth ~$16M, including , were sent to the address 0x9d57.
Other transfers involved ~$27.6M pic.twitter.com/bYDKx6Y2i5
— PeckShieldAlert (@PeckShieldAlert) July 7, 2023
The team previously stated in the protocol’s documents that no single server had access to all of the shards of a key.
isappearance of Multichain’s CEO
On May 31, 2023, Multichain revealed that it was unable to contact its CEO, Zhaojun.
It’s rumored that the multichain team has been arrested by the Chinese police, with 1.5 billion dollars of contract funds under control, and some team members transferred 494200 multi tokens from the team address to GATE today. Please be aware of the risks.#MultiChainpic.twitter.com/KpB9ehl5ls
— 0xfleet (@0xfleet) May 24, 2023
According to rumors circulating on Twitter, the Chinese police arrested Multichain’s team and confiscated $1.5 billion in smart contract funds.
1. On May 21, 2023, Multichain CEO Zhaojun was taken away by the Chinese police from his home and has been out of contact with the global Multichain team ever since. The team contacted the MPC node operators and learned that their operational access keys to MPC node servers had…
— Multichain (Previously Anyswap) (@MultichainOrg) July 14, 2023
According to the , they contacted the CEO’s family. They learned that Zhaojun’s computers, phones, wallets, and mnemonic phrases were seized by the authorities. They added that Zhaojun’s sister notified the team of an asset preservation act, transferring some funds to addresses under her control. However, this was followed by the Multichain CEO’s family notifying the team that Zhaojun’s sister was also taken into custody by the police and is now out of contact.
Aftermath
After the large withdrawals, the Multichain team tweeted that they were beginning an investigation and urged users to pause transactions.
The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally.
The team is not sure what happened and is currently investigating.
It is recommended that all users suspend the use of Multichain services and revoke all contract approvals…
— Multichain (Previously Anyswap) (@MultichainOrg) July 6, 2023
A day later on July 7, the team followed up with a that the protocol would be stopping service indefinitely.
The Multichain service stopped currently, and all bridge transactions will be stuck on the source chains.
There is no confirmed resume time.
Please don’t use the Multichain bridging service now.
— Multichain (Previously Anyswap) (@MultichainOrg) July 7, 2023
The platform also suffered delayed transactions and other technical problems resulting in BINANCE ending support for several of its bridged tokens on July 7TH. On July 8TH, stablecoin issuers Circle and Tether over $65 million in assets tied to the Multichain exploit.
??The Multichain Executor address has been draining anyToken addresses across many chains today and moving them all to a new EOA pic.twitter.com/gqDaXMBl96
— Spreek (@spreekaway) July 10, 2023
On July 10, on-chain detective Spreek reported that an unknown individual was draining funds from the protocol. Sending them to fresh wallet addresses using a fee-based exploit.
Also, according to the July 14 post, the July 11 fee-based attack. It was a counter-exploit initiated by the CEO’s sister at the behest of the Multichain team. In an attempt to recover funds.
On July 14, Multichain’s official Twitter account announced that it would be halting its operations. Here is the second part