Multichain, previously AnySwap, is an infrastructure developed for arbitrary cross-chain interactions. It supports more than 25 chains and more than 1100 tokens. So, Multichain is an issuer of $USDC, $DAI, and $fUSDT stablecoins on the Fantom chain.

And it was the only bridge available to transfer funds to/from Fantom before modern omnichain solutions such as LayerZero came. So what happened?

Multichain Produced Fantom’s Debable?

On July 6, 2023, cross-chain bridge protocol Multichain experienced unusually large, unauthorized withdrawals. In what appears to be a hack or rug pull by insiders.

With over $125 million worth of cryptocurrencies withdrawn from multiple wallets, it affected the Ethereum side of Fantom, Moonriver, and Dogechain bridges. (These withdrawals represented the majority of funds held on each bridge).

Chainalysis believes the exploit may have resulted from compromised administrator keys, which some suggest means it could have been an “inside job.”

On July 11, another $103 million in crypto was moved to various blockchain addresses, security firm Beosin reported.

How the Hack Happened?

Multichain was storing all shards of its private keys in a “cloud server account” under the sole control of its CEO. This cloud server account was later accessed by someone and used to drain funds from the protocol.

Blockchain security firm Peck Shield found that the stolen funds included several stablecoins, including USDC, DAI, and tokens like Link, wBTC, and wETH.

The team previously stated in the protocol’s documents that no single server had access to all of the shards of a key.

The Disappearance of Multichain’s CEO

On May 31, 2023, Multichain revealed that it was unable to contact its CEO, Zhaojun.

According to rumors circulating on Twitter, the Chinese police arrested Multichain’s team and confiscated $1.5 billion in smart contract funds.

According to the team, they contacted the CEO’s family. They learned that Zhaojun’s computers, phones, wallets, and mnemonic phrases were seized by the authorities. They added that Zhaojun’s sister notified the team of an asset preservation act, transferring some funds to addresses under her control. However, this was followed by the Multichain CEO’s family notifying the team that Zhaojun’s sister was also taken into custody by the police and is now out of contact.

Aftermath

After the large withdrawals, the Multichain team tweeted that they were beginning an investigation and urged users to pause transactions.

A day later on July 7, the team followed up with a tweet that the protocol would be stopping service indefinitely.

The platform also suffered delayed transactions and other technical problems resulting in Binance ending support for several of its bridged tokens on July 7TH. On July 8TH, stablecoin issuers Circle and Tether froze over $65 million in assets tied to the Multichain exploit.

On July 10, on-chain detective Spreek reported that an unknown individual was draining funds from the protocol. Sending them to fresh wallet addresses using a fee-based exploit.

Also, according to the July 14 post, the July 11 fee-based attack. It was a counter-exploit initiated by the CEO’s sister at the behest of the Multichain team. In an attempt to recover funds.

On July 14, Multichain’s official Twitter account announced that it would be halting its operations. Here is the second part.

⬆️ For more cryptocurrency news, check out the Altcoin Buzz YouTube channel.

⬆️ Check out our most up-to-date research, NFT and Metaverse buy, and how to protect your portfolio in this market by checking out our Altcoin Buzz Access group, which for a limited time, is FREE. Try it today.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.