A further $103 million has been transferred from Multichain across nine networks as reports point to the hack being an ‘inside job’.
On June 7, cross-chain bridge Multichain lost $126 million in crypto assets after an attacker siphoned capital out of numerous token bridges.
Blockchain security firm Beosin announced on June 11 that another $103 million has since been transferred from Multichain into a wallet address, making the hack one of the biggest in crypto history.
As a cross-chain protocol, Multichain – formerly known as Anyswap – enables the exchange of a range of cryptocurrencies across multiple networks. Beosin said that the $103 million in new losses comes from Fantom, Arbitrum, Optimism, Cronos, Polygon, Avalanche, BNB chain, Moonbeam, Ethereum.
The attack cost the protocol almost its entire holdings in wBTC, USDC and other altcoins, leading Circle to freeze $63 million in USDC.
A report by Chainalysis suggests that the exploit is likely a hack or rug pull by insiders, which Beosin also believes.
Beosin wrote that the recent transfer behaviour involved a large number of private keys with long intervals between transfers, indicating that the “attacker may have taken control of all the assets and is not in a hurry to transfer them”.
“Based on the previous analysis,” it wrote, “we speculate that it may be from an internal operation.”
In late May, Multichain users began reporting failed transactions. Around the same time, the company’s CEO, Zhaojun, went missing.
With Zhaojun mysteriously AWOL, the Multichain team was unable to access the key servers required to conduct maintenance. Without the CEO present to give access, the protocol was forced to suspend services for 10 chains including Public Mint, DynoChain and Redlight Chai.
Rumours have since circulated that Zhaojun had been arrested by Chinese police, with $1.5 billion of the protocol’s smart contract funds confiscated.
Chainalysis’s report explained that Multichain uses a multi-party computation (MPC) system to secure its smart contracts – similar to a multisignature wallet – which splits private key shards among multiple parties. It’s assumed that the exploit is the result of administrator keys being compromised.
The exploit is one of the biggest in crypto history.
Disclaimer: CryptoPlug does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.