Tens of millions of dollars withdrawn from Multichain on Fantom in possible exploit

Quick Take

  • Millions of dollars were removed from the Multichain bridge on the Fantom network.

Tens of millions of dollars of tokens have been withdrawn from the Multichain bridge on the Fantom network, with security firms speculating that it may be a security breach.

The tokens moved include $58 million of the stablecoin USDC, 1,020 wrapped bitcoin ($30.9 million), 7,200 wrapped ether ($13.7 million) and $4 million of the stablecoin DAI. It also included further tokens like Chainlink, Curve DAO, YFI, Wootrade Network and nearly a quarter of the total supply of UniDex.

Assets also appear to be moving on Multichain's Moonriver bridge, including $4.8 million of USDC and $1 million of USDT.

Dog-themed blockchain Dogechain has also seen a sudden movement of funds with at least $660,000 of USDC sent to the same destination wallet that was used in the movement of funds from Moonriver.

So far none of the funds have been transferred beyond the wallets they were initially moved to. They haven't been sold or transferred to a crypto mixing service.

Multichain has not made a statement in regards to the movement of funds. The Fantom Foundation said it was aware of "a situation unfolding on the Multichain bridge..

"We are actively evaluating the circumstances and will provide an update as soon as we have more to share," it wrote. 

Initial perspectives

Security firm PeckShield questioned whether this was related to cross-chain platform LayerZero adding support for four tokens, matching those that were moved. Yet this doesn't align with the complete list of tokens that were moved.

LayerZero CEO Bryan Pellegrino told The Block the issue was not related to the platform. 

Start your day with the most influential events and analysis happening across the digital asset ecosystem.

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

"It's a multichain hack," he said in a message. "It's 100% not related to LayerZero."

Pellegrino suggested that it could be Multichain bridge users withdrawing their assets to bring them to LayerZero. Yet Wintermute Head of Research Igor Igamberdiev said this is likely to be someone who has control over the bridge because funds weren't burned on the Fantom side of it when the transactions took place.

Igamberdiev also noted that it was odd the wallet that received a large chunk of the USDC also made a transaction from the old Binance Smart Chain bridge a few hours earlier.

Previous bridging issues

The Multichain bridge is supported by multi-part