Advertisement

Multichain Says $1.4M in Ether Siphoned From Users Who Failed to Update Approvals

Multichain users who didn't update their approvals as instructed yesterday have been exploited and have lost 445 wrapped ether ($1.4 million), the project tweeted on Tuesday.

  • On Monday, Multichain instructed its users to remove approvals for six tokens and said otherwise their assets would be exposed to a security vulnerability. The tokens in question were WETH, PERI, OMT, WBNB, MATIC and AVAX.

  • Decentralized finance security firm Dedaub first found the flaw, which Multichain said it had fixed.

  • Later on Tuesday, crypto security firm PeckShield revealed the wallet address where the stolen funds had been deposited. The address holds 455 ether as of the time of writing.

  • Because the users have to be the ones to remove the approvals, there isn't much Multichain can do, PeckShield told CoinDesk in a Twitter message.

  • Multichain, formerly Anyswap, is a cross-chain bridge which raised $60 million in December in a seed funding round that was led by Binance Labs.

Read more: Anyswap Rebrands to Multichain, Raises $60M Led by Binance Labs