Multichain hack’s losses grow to $3M following ‘worst way to treat vulnerability’
ambcrypto.comHacks and scams within the crypto-industrytook $14 billion from users in 2021, according to a recent report. While many hoped the new year won’t bring more bad news, it would seem that this may just be the start.
Cross-chain router protocol Multichain (formerly Anyswap) is currently trending, although for all the wrong reasons.
<p lang=«en» dir=«ltr» xml:lang=«en»>2/If you have ever approved any of these 6 tokens, pls log in https://t.co/S9nDfrM1eO asap to revoke the approvals, otherwise, your assets are at risk.— Multichain (Previously Anyswap) (@MultichainOrg) January 17, 2022
On 17 January, Multichain Bridge Protocoldiscovered a bug or rather a critical vulnerability on its network. Security firm Dedaub reported to Multichain that users who had approved permissions for WETH, PERI, OMT, WBNB, MATIC, and AVAX on Multichain’s bridging router were at risk of hackers draining their funds. At the time, to avoid losses, the Multichain team advised users to cancel all of the approvals given to the specified tokens.
In fact, Multichain published a step-by-step tutorial on how users can easily revoke approvals. Furthermore, the blog reported that all assets on its V2 Bridge and V3 Router were safe. Users could carry out cross-chain transactions as usual.
Later down the line, however, Blockchain security firm PeckShield investigated the affected protocol. As per its investigation, a total of 445 WETH (> $1.4M) was affected.
Well, that’s what hackers thought of this situation. The aforementioned episode took an interesting turn. Hackers continued to exploit the vulnerability in the cross-chain bridge Multichain.
In fact, they went on to steal about $3 million in cryptocurrencies, according to a report by Vice. Calling the incident “the
Read more on ambcrypto.com
