Multichain Hack: What You Need to Know

2smh...KMBv

12 Jul 2023

119

Multichain, formerly known as Anyswap, a cross-chain bridge protocol that allows users to swap tokens across different blockchains, was hit by a massive exploit on July 6, 2023. Hackers withdrew more than $125 million worth of crypto from Multichain’s contracts, sparking fears of a rug pull by insiders. Here’s what you need to know about this incident and how to protect yourself.

What Happened?

On July 6, 2023, observers noticed that large amounts of crypto were being transferred out of Multichain’s contracts on Ethereum. The affected bridges included Fantom, Dogechain, and Moonriver. The hackers managed to withdraw:

$102 million worth of wETH, wBTC, and USDC from the Fantom bridge
$666,000 worth of DOGE from the Dogechain bridge
$6.8 million worth of USDC and USDT from the Moonriver bridge

The total amount stolen was over $125 million, making it one of the biggest crypto hacks in history.

How Did They Do It?

Multichain’s contracts are secured by a multi-party computation (MPC) system, which is similar to a multisig wallet. Instead of using private keys, MPC splits shards of a key among different parties who can cooperate to execute transactions. However, this system is vulnerable if an attacker can gain access to enough MPC keys.

It is possible that the hackers compromised Multichain’s MPC keys or that they were insiders who had access to them. Some clues that point to an inside job are:

Multichain’s CEO, Zhaojun, went missing before the exploit
The hackers did not swap out of centrally controlled assets like USDC, which can be frozen by the issuers

What Are the Consequences?

The exploit has caused a lot of damage and confusion in the crypto community. Multichain has advised users to stop using its services and revoke all contract approvals. Some of the stolen funds have been frozen by Circle and Tether, the issuers of USDC and USDT respectively. However, the majority of the funds are still at large.

The exploit has also raised questions about the security and trustworthiness of cross-chain bridge protocols, which are often experimental and risky. Users should be careful when using such services and do their own research before depositing their funds.

How to Stay Safe?

If you have used Multichain in the past or have any funds in its contracts, you should take the following steps:

Revoke all contract approvals for Multichain on Ethereum
Check your balances and transactions on Etherscan or other blockchain explorers
Report any suspicious activity or losses to Multichain or law enforcement

You should also be wary of any phishing attempts or scams that may try to take advantage of this situation. Do not click on any links or download any files from unknown sources. Always verify the authenticity and legitimacy of any communication or information you receive.

Learn More

If you want to learn more about the Multichain hack and cross-chain bridge protocols, you can check out these sources:

What Do You Think?

I hope this article has helped you understand what happened with the Multichain hack and how to protect yourself. If you found it useful, please share it with your friends and leave me a comment below.

I would love to hear your thoughts on this topic. Do you think this was an inside job or an external hack? How do you feel about cross-chain bridge protocols? Do you trust them or avoid them? What are some best practices for using them safely?
Let me know your opinions and questions in the comments section below.

My recent articles related to Crypto

And don’t forget to subscribe to my newsletter for daily updates on the crypto world. I will keep you informed about the latest news, trends, tips, and insights on everything related to cryptocurrencies.
Thank you for reading and stay tuned for more!