Skip to content Skip to footer

$126M Multichain exploit was likely an inside job, Chainalysis report claims

multichain hack was likely an inside job or a rug pull
The mysterious disappearance of Multichain’s CEO raises the biggest red flag, since he has sole access to the protocol’s key servers.

Last week, cross-chain bridge Multichain lost $126 million in crypto assets after an attacker siphoned capital out of numerous token bridges. 

Multichain has a healthy $1.25 billion in total liquidity, but the attack cost the protocol almost its entire holdings in wBTC, USDC and other altcoins, leading Circle to freeze $63 million in USDC.

The protocol tweeted on June 7 that assets were abnormally moved to an unknown address, but “the team is not sure what happened”. 

Related: Atomic Wallet was likely breached by North Korean hackers

A new report by Chainalysis suggests that the exploit appears to be a hack or rug pull by insiders.

The report explains that Multichain uses a multi-party computation (MPC) system to secure its smart contracts – similar to a multisignature wallet – which splits private key shards among multiple parties.

It’s assumed that the exploit is the result of administrator keys being compromised.

Suspiciously, the hacker didn’t convert the stolen assets, like USDC, which can be frozen by the issuing company. “Most hackers typically seek to quickly swap funds for ones that aren’t vulnerable to those security measures,” the report stated.

Movements of the unauthorised withdrawals (Chainalysis)

The report affirms, “While it’s possible those keys were taken by an external hacker, many security experts and other analysts think this exploit could be an inside job or rug pull, due in part to recent issues suffered by Multichain.”

One of these ‘recent issues’ is the mysterious disappearance of Multichain’s CEO, known by the alias Zhaojun.

Multichain’s CEO goes AWOL. 

Multichain revealed on May 31, 2023 that it was unable to contact their CEO Zhaojun, leaving them unable to perform technical maintenance.

Unconfirmed rumours quickly followed claiming that Zhaojun had been arrested by Chinese police, with $1.5 billion of the protocol’s smart contract funds confiscated. Multichain was then forced to suspend services for 10 chains including Public Mint, DynoChain and Redlight Chain.

Read more: Cross-chain protocol Multichain loses $126M to mysterious attack

Around the same time Zhaojun went missing, Multichain users began to report failed transactions that were stuck for days. The team later confirmed that Zhaojun held the private key to the pools whose transactions were stuck. 

Binance suspended some of Multichain’s token deposits and paused withdrawals on July 5. 

“Looks like another hack happened on Multichain,” Binance CEO Changpeng Zhao wrote on Twitter. “This DOES NOT affect users on Binance itself. We have swapped all assets out and closed deposits a while back. Regardless, we offer our assistance in helping with the situation,” 

Disclaimer: CryptoPlug does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.

Leave a comment

Go to Top