Posted on January 21, 2022 at 5:28 PM
The MultiChain platform, which was recently hacked, has recovered some of the stolen funds. The platform lost around $3 million during the hacking incident. But one of the hackers has returned 322 ETH ($972,000), keeping 62 ETH ($187,000) as a “bug bounty”. However, more than 527 ETH is still outstanding after the exploits.
The vulnerability in MultiChain affected six tokens, including Wrapped Binance Coin (wBNB), Mars Token (OMT), Peri Finance (PER), Wrapped Ether (wETH), Avalanche (AVAX), and Polygon (MATIC). MultiChain later announced that the vulnerability that led to the exploit had been “reported and fixed.”
But once the bug was made public, it encouraged several threat actors to launch different attacks on the protocol, with some of them succeeding in stealing tokens from the platform.
While about $3 million worth of tokens were stolen, MultiChain reported that the majority of the funds in the platform are safe.
The Funds Were Returned In Four Transactions
One of the hackers, which claimed to be a “white hat” initiated communication with the protocol, promising to return 80% of the funds he stole. A user who has lost nearly $1 million from the exploit, said the hacker can keep a finder’s fee from the stolen funds by returning a majority of the funds. The latest development is possibly a response to the request made by the user.
According to a tweet credited to Tal Be’ery, Zengo wallet co-founder, the said hacker claimed his action saved other Multichain users who may have been exploited due to the existing vulnerability.
The hacker returned most of the funds to the victim of the stolen funds. The funds were returned in four transactions. In two separate transactions, the hacker returned 269 ETH (about $813,000) and kept 50 ETH ($150,000) to himself as a bug bounty.
“Well received, thank you for your honesty,” the relieved user responded in appreciation to the hacker. A few hours later, the hacker returned 50 ETH in two transactions, keeping 12 ETH as a bug bounty.
MultiChain provides support for 30 chains at the moment, as the platform looks to become the “ultimate router for Web3.” It supports major chains such as Bitcoin, Terra, Ethereum, Fantom, Litecoin, Avalanche, and others.
Co-founder and Chief Executive Officer of MultChain Zhaojun, in a tweet, noted that the protocol will need to pause function to deal with such incidents in the future.
Users Have Been Advised To Protect Their Accounts
In response to the bug, MultiChain asked users to cancel approval to prevent any further attacks on their accounts.
After the hacking incident on Multichain, the protocol’s team posted on their Twitter page that users that have been affected by the exploit should submit a ticket on their support site.
The team also posted the hackers’ addresses on its Twitter account to enable proper monitoring via the blockchain explorer. The team also promised to provide additional details of the incident and how users can protect their accounts better.
The negative event on MultiChain could have had an impact on its MULTI token. But despite the exploit, the token seems to be unfazed. Although it is down by 0.8%, most holders of the MULTI token will be glad considering that the entire crypto market has hit a downturn when it comes to price. The cryptocurrency market capitalization is down from $1.98 trillion to $1.84 trillion within 24 hours, which represents a 7% drop. Among all major tokens, Bitcoin has been the worst hit, falling by almost 9% to around $38,000 in less than 48 hours.
It’s not clear whether the current dip will stay for a sustained period or when the market fortunes will change.
Hackers Target More Cryptocurrency Platforms
The level of hacking incidents on cryptocurrency platforms has increased in recent months. As the popularity of crypto assets keeps growing, more threat actors are being driven to gain financially by stealing from protocols.
The latest hacking incident on MultiChain is coming at the same period Crytpo.com experienced a cyber attack.
The crypto exchange platform admitted that its platform was targeted by hackers. The platform posted via Twitter that the hacking incident affected a “small number of users.”
Crypto.com also stated that it suspended withdrawals on the platform to address the issue and carry out an investigation. However, the firm confirmed that no user fund was affected, but users who want to access their accounts should reset their two-factor authentication for precautionary purposes.