crypto for all
Join
A
A

Multichain (MULTI), a rug pull? New $103 million hack reported

Thu 13 Jul 2023 ▪ 4 min read ▪ by Mikaia A.
Getting informed Cybersecurity

Multichain is feeling the heat. After the confirmation of a $125 million theft last week, a new hack has been reported involving $103 million. Analysts are not ruling out the possibility of an inside job.

Photo of a hacker, Multichain logo and “rug pull” mention

Multichain, some $230 million evaporated

What appeared to be suspicious transactions of around ten million dollars withdrawn via the Fantom network became a proven hack. Fortunately, Circle and Tether were able to get their hands on some of the stolen stablecoins. If they did, it wouldn’t be a hemorrhage, but a bloodbath.

But if the latest news is to be believed, the former Anyswap platform has been hacked again. The amount involved seems enormous: $103 million.

Details about the new Multichain attack

Details about the new Multichain attack

“An additional $103 million was transferred from Multichain to address 0x1eed63efba5f81d95bfe37d82c8e736b974f477b.

Transfer of all [funds] from Fantom, Arbitrium, Optimism, Cronos, Polygon, Avalanche, BNB Chain, Moonbeam, Ethereum :

$USDC: $23,999,250

$fUSDT: $29,657,932

$WBTC: $2,139,053

$WETH: $17,168,126

$ETH $10,102,001

$DAI: $2,994,317

Total: $103,277,346

Transfer behavior :

1) Transfer of a large number of assets via privileges ;

2) Assets come from several chains, implying a large number of private keys;

3) Large time intervals between transfers.

This indicates that the attacker may have taken control of all the assets and is in no hurry to transfer them. Based on the previous analysis, we assume that this may be an internal operation.

As a result, MULTI has lost 27% of its value in one week. At the time of writing, it was trading at $2.38.

Why so easy?

Firstly, Multichain presents itself as a cross-chain protocol facilitating the exchange of multiple cryptocurrencies on multiple blockchains.

Secondly, you’ve probably heard that no one, not even Multichain’s developers, can access the network’s servers. Yet the only key holder, CEO Zhaojun, has disappeared from view. Some analysts theorize that he may have been arrested by the Chinese authorities. But so far, no news about him has been revealed.

The compromise of the Multichain administrator’s keys is also said to have facilitated his series of attacks.

As a result, there’s a good chance that Zhaojun himself is behind these malicious operations.

“While it’s possible that these keys were taken by an external hacker, many security experts and other analysts believe that this exploit could be the result of in-house work or a ‘rug pull’, in part due to the recent problems suffered by Multichain,” argues blockchain analysis firm Chainalysis.

Multichain, un rug pull ?

Multichain, a rug pull?

Our June 2 article highlighted the seriousness of the Multichain case. 1.8 billion dollars belonging to customers blocked, CEO nowhere to be found… It’s hard to rule out an FTX bis scenario at this stage.

A rug pull occurs when the developers of a project raise funds for its realization. Once on track, these once-reliable developers disappear with the customers’ funds.

The DecentraWorld rug pull is a good example of this fraudulent practice.

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.



Join the program
A
A
Mikaia A. avatar
Mikaia A.

La révolution blockchain et crypto est en marche ! Et le jour où les impacts se feront ressentir sur l’économie la plus vulnérable de ce Monde, contre toute espérance, je dirai que j’y étais pour quelque chose

DISCLAIMER

The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.