Multichain was recently hacked in the past couple of days, and $3 million were stolen due to a security vulnerability.
One of this week’s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and one of the impacted users in a dramatic twist. However, the hacker kept 62 ETH ($187,000) as a “bug bounty,” and 528 ETH (worth $1.6 million) is still owed as a result of the exploits.
Security issue in Multichain
A security issue in Multichain was discovered earlier this week involving the tokens WETH, PERI, OMT, WBNB, MATIC, and AVAX, and $1.43 million was taken. The major vulnerability had been “reported and rectified,” according to Multichain, which revealed it on Jan. 17. However, the vulnerability’s exposure apparently prompted a slew of other attackers to pounce, resulting in more than $3 million in losses.
The money was taken from the account. The six coins’ major vulnerability remains, but Multichain has drained $44.5 million from several chain bridges to secure them.
One of the hackers, who goes by the moniker “white hat,” has been in contact with both Multichain and a user who lost $960,000 in the last day or two, attempting to negotiate a return of 80% of the money in exchange for a substantial finder’s fee.
The hacker claimed they had been “protecting the remainder” of the Multichain customers. The latter were being targeted by bots, according to a tweet from ZenGo wallet co-founder Tal Be’ery on Jan. 20.
Four transactions were made to repay the money. The hacker repaid 269 ETH ($813,000) in two separate transactions on January 20. The hacker also pocketed a bug bounty of 12 ETH ($36,000) and remitted 50 ETH ($150,000) to the official Multichain account in two transactions overnight.
In response to a “serious vulnerability,” Multichain is asking users to cancel approvals. Multichain (formerly Anyswap) aspires to be the “ultimate Web3 router.” Bitcoin (BTC), Ethereum (ETH), Avalanche (AVAX), Litecoin (LTC), Terra (LUNA), and Fantom are among the 30 chains currently supported by the platform (FTM).