Multichain, a prominent cross-chain bridge network, has suffered a massive security breach, resulting in the loss of over $100 million worth of cryptocurrencies. This alarming incident, which comes just days after a previous theft of $126 million, has raised suspicions of a potential internal operation within Multichain.
Quick facts:
- Multichain Bridges suffers another $100 million loss, triggering internal operation suspicions.
- Unauthorized transactions exploit bridges across multiple blockchains, following a previous $126 million theft.
- Experts speculate on internal involvement due to the MPC system and CEO’s disappearance.
- The incident raises security concerns and underscores the need for improved measures in the crypto industry.
Multichain’s cross-chain bridges, designed to facilitate seamless transfers between different blockchain networks, fell victim to a series of unauthorized transactions.
An unknown actor exploited the bridges connecting various blockchains, including Arbitrum, Avalanche, BNB Chain, Cronos, Fantom, Polygon, Moonbeam, Optimism, and Ethereum. Notably, these transactions occurred despite the supposed suspension of bridge activities following the earlier theft.
The breach involved the swift transfer of a diversified basket of cryptocurrencies, mainly stablecoins, Bitcoin, and Ether, to a new address. The total value of the stolen assets exceeded $100 million, highlighting the severity of the attack and the potential vulnerabilities within Multichain’s security infrastructure.
MultiChain Bridge CEO’s Vanishing Act Raises Eyebrows
Experts and analysts are now speculating about the possibility of an internal operation within the cross-chain bridge.
The suspicions stem from the implementation of the cross-chain bridge’s multi-party computation (MPC) system, which divides private keys among multiple parties for enhanced security. However, if an attacker gains access to multiple MPC keys, it can compromise the system’s integrity.
Adding to the concerns, Multichain’s founder and CEO, known by the pseudonym Zhaojun, has mysteriously disappeared, further fueling speculations of internal involvement.
Rumors circulating in the industry suggest that key team members have been arrested in China, potentially leading to the compromise of critical access codes.
Security firm Beosin conducted an analysis of the initial exploit and discovered peculiarities in the transactions. Notably, the absence of transaction fees, unusual timing, and delayed response from Multichain to suspend bridge activities raised suspicions of an internal operation.
Beosin concluded that it is “highly likely” that the attacker had control over the private keys.
The repeated breaches and substantial losses raise significant concerns about the security and reliability of Multichain’s bridges. The total amount lost, reaching approximately $230 million between the two incidents, leaves a significant impact on the platform’s reputation and investor confidence.
Related: Multichain Services Halted Amid $126 Million Asset Outflow
However, it is crucial to note that concrete evidence linking Multichain team members to the losses has not yet surfaced. Efforts are underway to freeze stolen assets by Tether and Circle, offering a glimmer of hope for potential recovery.
Implications for the Crypto Industry
This incident underscores the inherent risks associated with the cryptocurrency space and the critical need for robust security measures. As investigations continue and the industry seeks to address the aftermath, the focus on strengthening security protocols and maintaining trust in blockchain networks becomes paramount.
In conclusion, the loss of over $200 million in cryptocurrencies through Multichain’s bridges has raised suspicions of internal involvement. The implications for Multichain’s future remain uncertain as the platform grapples with the consequences of repeated security breaches.