Multichain hacker returns 322 ETH, keeps hefty finders fee

Published at: Jan. 21, 2022

In a dramatic twist, one of this week’s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and one of the affected users.

However the hacker kept 62 ETH ($187,000) as a “bug bounty”, and a total of 528 ETH (worth $1.6M) remains outstanding after the exploits.

Earlier this week, news emerged of a security vulnerability with Multichain relating to the tokens WETH, PERI, OMT, WBNB, MATIC, and AVAX, and $1.43 million was stolen. Multichain announced on Jan. 17 the critical vulnerability had been “reported and fixed.”

However, publicity about the vulnerability reportedly encouraged a number of different attackers to swoop in, and more than $3 million in funds were stolen. The critical vulnerability in the six tokens still exists, but Multichain has drained around $44.5m of funds from multiple chain bridges to protect them.

Yeah, bridge contract need pause function. https://t.co/lPjLsE5EtR

— Zhaojun (@zhaojun_sh) January 20, 2022

One of the hackers, calling himself a "white hat" has been in communication with both Multichain and a user who lost $960,000 in the past day or so, to negotiate returning 80% of the money in return for a hefty finders fee.

According to a Jan. 20 tweet from ZenGo wallet co-founder Tal Be’ery, the hacker claimed they hadbeen “saving the rest” of the Multichain users who were being targeted by bots, in an act of defensive hacking.

The funds were returned across four transactions. On Jan. 20 the hacker returned 269 ETH ($813,000) in two transactions directly to the user he stole it from and kept a bug bounty of 50 ETH ($150,000).

The relieved user responded to the hacker:

“Well received, thank you for your honesty.”

Overnight, the hacker also returned 50 ETH ($150,000) across two transactions to the official Multichain address, and kept a bug bounty of 12 ETH ($36,000).

Related: Multichain asks users to revoke approvals amid ‘critical vulnerability’

Multichain (formerly Anyswap) aims to be the “ultimate router for Web3.” The platform supports 30 chains at the moment, including Bitcoin (BTC), Ethereum (ETH), Avalanche (AVAX), Litecoin (LTC), Terra (LUNA), and Fantom (FTM).

In a tweet on Jan. 20, the Co-Founder and CEO of Multichain Zhaojun conceded that Multichain bridge contracts need a pause function to deal with similar incidents in future..

Cointelegraph has contacted the project for comment.

Tags
Related Posts
Kevin O'Leary says his crypto holdings could reach 20% of portfolio
Shark Tank celebrity Kevin O’Leary, also known as Mr. Wonderful, says he would be ready to increase his crypto allocations up to 20% as soon as there are clearer regulations around stablecoins. O’Leary, a former Bitcoin (BTC) skeptic, is now a vocal advocate of cryptocurrency, which currently makes up over 10% of his investment portfolio. Mr. Wonderful is particularly focused on U.S. dollar-pegged stablecoins, which he sees as an effective hedge against rising levels of inflation. By staking stablecoins, he pointed out, he can make up to 6% returns. He explained to Cointelegraph: ”When inflation is 6%, you're buying power …
Adoption / Dec. 30, 2021
Multichain under fire from users as hacking losses grow to $3M
Hackers have continued to exploit a critical vulnerability in the cross-chain router protocol (CRP) Multichain that first appeared on Jan 17. Earlier this week, Multichain urged users to revoke approvals for six tokens to protect their assets from being exploited by malicious individuals. However Multichain's announcement on Jan. 17 encouraged more hackers to try the exploit. One stole $1.43 million, another offered to return 80% while keeping the rest as a tip. According to Tal Be’ery, the co-founder of the ZenGo wallet, the stolen amount has now risen to $3 million. The @MultichainOrg hack is far from being over. Over …
Blockchain / Jan. 20, 2022
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
Which tokens should you buy and hodl in 2022? | Find out now on The Market Report live
“The Market Report” with Cointelegraph is live right now. On this week’s show, Cointelegraph’s resident experts discuss which tokens you should buy and hodl in 2022. But first, market expert Marcel Pechman carefully examines the Bitcoin (BTC) and Ether (ETH) markets. Are the current market conditions bullish or bearish? What is the outlook for the next few months? Pechman is here to break it down. Next up, the main event. Join Cointelegraph analysts Benton Yaun, Jordan Finneseth and Sam Bourgi as they debate which tokens you should buy and hodl right now. Will it be Bourgi’s picks? He has selected …
Decentralization / March 15, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022