Due to a security hole in six tokens, Multichain users lost more than $3 million in the week. A white hat hacker returned 322 ETH, but beyond 527 ETH is still mined.
News
In a dramatic twist, one of this week’s Multichain hackers returned 322 ETH ($974,000 at press time) to the cross-chain router protocol and one of the affected users.
However, the hacker kept 62 ETH ($187,000) as a “bug bounty”, and total out of the 528 ETH ($1.6 million worth) is still prominent after mining.
Earlier this week, news surfaced about a security vulnerability with Multichain involving WETH, PERI, OMT, WBNB, MATIC and AVAX tokens, and $1.43 million was stolen. Multichain announced On January 17, a critical security vulnerability was “reported and fixed”.
However, the publicity of the vulnerability encouraged a number of different attackers to break in and over $3 million in funds were stolen. Critical vulnerabilities in six tokens still exist, but Multichain withdrew approximately $44.5 million in funds from multiple chain bridges to secure them.
Yes, the bridge contract needs a pause function. https://t.co/lPjLsE5EtR
– Zhaojun (@zhaojun_sh) January 20, 2022
One of the hackers, calling himself a “white hat” contacted both Multichain and a user who lost $960,000 in the past day, to negotiate a return of 80% of the funds in exchange for a hefty fee.
According to a January 20 date tweet from ZenGo wallet co-founder Tal Be’ery, the hacker claims that they have “saved the rest” of the Multichain users who are being targeted by bots, in a defensive attack.
The funds were returned across four transactions. On January 20, the hacker returned 269 ETH ($813,000) in two direct transactions to the user he stole it from and held a bug bounty of 50 ETH ($150,000).
The relieved user replied to the hacker:
“Well received, thanks for your honesty.”
Overnight, the hacker also returned 50 ETH ($150,000) over two transactions to the official Multichain address and held a bug bounty of 12 ETH ($36,000).
Related: Multichain asks users to revoke approval amid ‘critical vulnerability’
Multichain (formerly Anyswap) aims to be the “ultimate router for Website3”. The platform currently supports 30 chains, including Bitcoin (BTC), Ethereum (ETH), Avalanche (AVAX), Litecoin (LTC), Terra (LUNA) and Fantom (FTM).
In one tweet on Jan 20, Multichain Co-Founder and CEO Zhaojun admitted that Multichain bridge contracts need a pause function to deal with similar incidents in the future..
Cointelegraph has reached out to the project for comment.