A white-hat hacker has returned 322 Ethereum (around $900,000) after an exploit drained Multichain users of more than $3 million worth of crypto this week.
Up to $1.5 million worth of Ethereum is still at large, however.
Multichain is a cross-chain router protocol that bridges users between thirty different blockchains, including Bitcoin, Ethereum, and Terra.
This week’s critical vulnerability appears to have affected six tokens on the protocol: Wrapped ETH (WETH), Peri Finance Token (PERI), Official Mars Token (OMT), Wrapped BNB (WBNB), Polygon (MATIC), and Avalanche (AVAX).
On Monday, Multichain announced on Twitter that the problem had been “reported and fixed.”
However, more attackers swooped in after the announcement and were still able to exploit the protocol through the same vulnerability, with one hacker stealing as much as $1.43 million.
1/A critical vulnerability that affected 6 tokens (WETH, PERI, OMT, WBNB, MATIC, AVAX) has been reported and fixed.
All assets on both V2 Bridge and V3 Router are safe, and cross-chain transactions can be done safely.
— Multichain (Previously Anyswap) (@MultichainOrg) January 17, 2022
The White Hat Multichain hacker
In the badlands of crypto, critical vulnerabilities aren’t just exploited by criminals for self-interested motives, they also draw the attention of blockchain vigilantes called “white hat” hackers, who exploit vulnerabilities to report them and collect a bounty.
One of the attackers that attacked Multichain after Monday’s announcement was a white hat.
The hacker returned 322 ETH (around $900,000) to an affected user and kept 62 ETH ($173k) as a bounty for themselves.
The hacker also returned 52 ETH ($139,000) to Multichain and kept around 12 ETH as a bounty.
Around 527 ETH, or just under $1.5 million, is still missing, however.
On Thursday, Multichain CEO and co-founder Zhaojun took to Twitter and confirmed ZenGo wallet co-founder Tal Be’ery’s theory that the vulnerability was due to the fact that Multichain’s bridge contracts need a pause function to prevent loss of funds in the future.
Formula 1 has renewed its partnership with exchange platform Crypto.com, extending the agreement through 2030 as both entities seek to capitalize on their shared momentum.
The renewed partnership will see Crypto.com continue to feature prominently at key Formula 1 events, including the Miami Grand Prix, where it has been the title sponsor since the race’s inception in 2022.
The deal, first inked in 2021, marked Formula 1’s foray into the crypto world at a time when digital assets were experienc...
Mo Shaikh, a co-creator of the Aptos blockchain and co-founder and CEO of the Aptos Labs firm that helps support it, announced Thursday that he's leaving the company to focus on a "new chapter."
"Today, I am stepping away from Aptos Labs to start a new chapter," Shaikh wrote on X. "One of my true passions lies in building companies from the ground up, and we have done that at Aptos Labs by building a world-class team."
"I leave Aptos Labs with the utmost confidence in the team," he continued, "a...
Building on the momentum of anticipated changes to U.S. crypto policy, Binance.US said it aims to restore its USD services in early 2025, according to a statement shared with Decrypt.
It marks the exchange's first major operational shift as regulatory pressure forced the exchange to suspend fiat trading last year.
The platform has operated under restricted banking access since June 2023, when SEC civil claims triggered a suspension of dollar deposits and withdrawals.
"While I can't provide a de...
