Another $103 million in crypto assets transferred away from Multichain: Beosin

Quick Take

  • On-chain data revealed a significant outflow of $103 million worth of crypto assets from the Multichain bridge on Monday.
  • The incident follows another potentially malicious transfer of $126 million from Multichain last week.

On-chain data revealed another case of significant outflows of crypto assets from the Multichain bridge.

The latest transfer involved $103 million worth of crypto assets moving to new addresses, according to security firm Beosin. This development follows an incident last week in which $126 million was transferred from Multichain in a potential exploit. 

The recent outflows included $24 million in USDC, $29.7 million in fUSDT and $3 million in DAI, according to analysts at Beosin. Other substantial assets involved were $10 million in ETH, $2 million in wrapped bitcoin and $17 million in wrapped ether, among other tokens. The assets originated from multiple chains including Fantom, Arbitrum, Optimism, Cronos, Polygon, Avalanche, BNB chain, Moonbeam and Ethereum.

These latest transfers bring the total value of unusual outflows to about $230 million. Notably, Circle froze some $63 million in USDC stablecoin, while Tether froze $2.5 million USDT of this amount.

The implication of latest Multichain transfers

Beosin pointed out that the recent outflows, due to their involvement with numerous chains, necessitated a significant number of private keys. Furthermore, it noted extended intervals between each transfer — a pattern suggesting the potential involvement of someone closely associated with the project.

“This indicates that the attacker may have taken control of all the assets and is not in a hurry to transfer them. Based on the previous analysis, we speculate that it may be from an internal operation,” Beosin alleged.

In response to last week’s outflows, Chainalysis, an on-chain data analytics provider, also alleged in a report that the Multichain incident seemed to involve compromised admin keys and could be a ‘hack or rug pull by insiders.’

“Multichain’s exploit is potentially the result of administrator keys being compromised. While it’s possible those keys were taken by an external hacker, many security experts and other analysts think this exploit could be an inside job or rug pull, due in part to recent issues suffered by Multichain,” Chainalysis wrote.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.