Multichain issues urgent warning amid $126 million asset outflow

In the wake of alarming asset outflows, cross-chain bridge platform Multichain has warned its users to refrain from using its services. The outflow involved a significant number of crypto assets moving to various third-party wallets from Multichain’s bridge deployments on Fantom and Dogechain.

In a tweet from its official account, Multichain stated: “The Multichain service has currently stopped, and all bridge transactions will remain stuck on the source chains. There is no confirmed resumption time. Please refrain from using the Multichain bridging service for now.”

This abrupt interruption in service follows an unsettling incident where $126 million worth of assets were mysteriously transferred from the bridge platform to unknown wallets, as reported by security firm PeckShield. These assets were largely withdrawn on Fantom, with a smaller amount withdrawn on Dogechain.

On-chain analyst and former researcher at Huobi Ventures, Loki Zeng, suggested that the asset outflows could indicate that the attacker might have access to private key shards controlling Multichain’s multi-party computation wallet. This was based on the fact that the asset transfer process lasted an extended period and involved a test transfer of $2 in stablecoins before the significant outflows.

Furthermore, each type of crypto asset taken from Multichain was transferred to separate wallets, with no subsequent activity detected in these wallets. According to Zeng, this situation could indicate the possibility of the involvement of a white hat hacker. In the context of crypto security, a whitehat is an ethical expert who uses their skills to save funds rather than exploit them for malicious purposes. However, this interpretation remains an unsubstantiated conjecture at this time.

Fantom Foundation responds

As the crypto community speculates on the nature of this security breach, the Fantom Foundation has issued a statement for holders of Fantom tokens. “For the avoidance of doubt, FTM was never issued or managed by Multichain, so wFTM, FTM ERC-20, and FTM on the Opera [EVM network] are not affected,” the Foundation stated. This statement implied that the crisis would primarily impact only the wrapped assets facilitated by Multichain’s bridging service and not directly linked to the Fantom team.

The ongoing Multichain crisis follows an event in May 2023 when users reported abnormal delays in the arrival of Multichain cross-chain funds. Furthermore, in July 2021, before its rebranding from AnySwap to Multichain, the protocol suffered an attack, leading to a loss of over $7.9 million in assets.

Notably, the Multichain bridge still oversees over $1.2 billion in assets minted through its cross-chain platform across different networks.