- The Multichain Bridge network has been exploited for more than $100 million.
- The hack is the second such incident to affect Multichain recently after the suspected theft of $126 million forced its temporary suspension last week.
- The internet is awash with speculation that the illicit transactions could be an inside job.
Cross-chain Bridges on the Multichain network have again been exploited for over $100 million worth of crypto.
The latest exploit follows a previous security breach on July 6th. The original incident resulted in $126 million in potential losses and forced Multichain to suspend all transactions temporarily.
Multichain Hit by Second Exploit in a Week
In the latest suspicious transactions, an unidentified actor moved funds across Multichainโs Arbitrum, Avalanche, BNB Chain, Cronos, Fantom, Polygon, Moonbeam, Optimism, and Ethereum Bridges.
Sponsored
While the initial exploit only affected Multichainโs Dogechain, Fantom, and Moonriver Bridges, the latest transaction round spanned nine blockchains.
On the morning of Tuesday 11th, a basket of different cryptocurrencies, mostly comprised of stablecoins, Bitcoin, and Ether, was transferred to a new address. A single crypto wallet received over $100 million worth of assets.
Adding to the networkโs woes, the transfers occurred at a time when bridge transfers on Multichain should have been suspended, after the initial $126 million theft on July 6th.
At the time of writing, the Multichain team has yet to comment on the most recent exploit. But the nature of recent security breaches has led experts to question whether they could be an inside job.
An Inside Job? Speculation Abounds
Blockchain analytics firm Chainalytics observed that the theft bears signs of a rug pull potentially carried out by Multichainโs core development team. Analysts reached this conclusion because Multichainโs smart contracts are secured by a multi-party computation (MPC) system.
Similar to a multisignature wallet, MPC systems split shards of a private key between many different parties, who must come together to execute transactions.
While the system is intended to prevent a single actor from gaining access to the networkโs funds, it would remain vulnerable to any attacker that possesses multiple MPC keys.
One particularly alarming aspect dates back to May 31st, when the Multichain team stated they could not contact the projectโs founder and CEO, known by the pseudonym Zhaojun. The mysterious CEOโs social media accounts have remained inactive ever since, and no information concerning their whereabouts has emerged.
Zhaojunโs disappearance was accompanied by rumors that core members of the founding team were arrested in China, where authorities purportedly gained control of critical Multichain access codes.
โHighly Likelyโ Attacker Controls Multichain Private Keys
In a behavioral analysis of the initial exploit, Beosin noted some oddities about the illicit transactions:
- There were no fees associated with the transfers.
- The timing of the transactions is inconsistent with hackers stealing in bulk through scripts or vulnerabilities.
- Multichain did not immediately transfer the remaining assets of the address and took hours to announce the suspension of service.
From these facts, Beosin concluded that it is โhighly likely that the hacker had control of the private key.โ
In comments on the later activity, the security company again observed the odd timings and high level of access needed to initiate the transfers. From this, they speculated that it could be an internal operation.
On the Flipside
- Despite speculation, there is currently no hard evidence to suggest that any member of the Multichain team is responsible for the recent loss of funds.
- After the first attack, Tether and Circle managed to freeze the stolen USDT and USDC and may do so again.
Why This Matters
The suspected hack is the second major incident to affect Multichain Bridges in the space of a week. Around $230 million in assets were transferred without explanation between the two events, potentially amounting to one of the biggest crypto thefts ever. Between the exploits themselves and the rumors swirling around its core members, the future of Multichain Bridges is now uncertain.