Multichain Hack Forces Tether, Circle To Freeze Over $65M In Assets

Blockchain platform Multichain's has partnerships with the likes of Accenture, Cognizant and Medici Ventures. MC

KEY POINTS

The crypto community is being warned not to fall prey to the so-called "emergency" Fantom airdrop scam
Bad actors pretending to issue FTM reserves to victims hit by the recent Multichain hack
Malicious actors moved around $126M in crypto from various Multichain bridges last week

The recent Fantom hack in Multichain saw $126 million worth of digital assets leave some of its deployment bridges, which forced stablecoin issuers Tether and Circle to freeze assets suspected to be tied to the bad actors. The crypto community is now also being warned not to fall prey to the so-called "emergency" Fantom (FTM) airdrop, since it is a scam.

Last week, Multichain's Fantom bridge was siphoned off approximately worth around $126 million in WBTC, USDC, DAI, wETH, and Link crypto assets.

The cause of the abnormal transfer of substantial amounts of crypto assets remained unclear, but knowledge graph protocol 0xScope reported three addresses received around $63.2 million in USD Coin (USDC), while Fantom Foundation disclosed that more than $2.5 million in Tether from "Multichain Suspicious Addresses" have been frozen by the stablecoin issuer as well.

Three #Multichain hacker addresses (0x027F / 0xefEe / 0x48Be) have been frozen by @circle.

These addresses held a total of 65M in assets, including 63.2M $USDC, which are now frozen.

Address:https://t.co/gLpjpC2TvX https://t.co/YtZUmhaxeg pic.twitter.com/sAzOQMPmrG
— 0xScope (🪬 . 🪬) (@ScopeProtocol) July 7, 2023

Fantom protocol CEO Michael Kong reportedly noted the funds transfers "does not appear to be a normal hack" considering that the assets moved to the wallet of the supposed malicious actor were not moved somewhere else.

Just had word from Michael Kong at FTM on Multchain situation

He said:

- FF and multichain teams are completely separate from one another.

- FTM was never issued or maintained by multichain, so wFTM, FTM on opera, and FTM Erc-20, are not affected.

- This does not appear to…
— Ijaz Awan (@realijazawan) July 7, 2023

Last week Multichain already flagged the transfers noting, "The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally."

The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally.
The team is not sure what happened and is currently investigating.

It is recommended that all users suspend the use of Multichain services and revoke all contract approvals…
— Multichain (Previously Anyswap) (@MultichainOrg) July 6, 2023

While Multichain is still conducting an investigation into the abnormal movement of funds, a fake "emergency distribution" campaign made rounds on the social media platform Twitter following the incident.

Bad actors are feigning to be representatives of Fantom Foundation--the non-profit organization behind the high-performance blockchain protocol Fantom--and pretending to issue FTM reserves to victims hit by the recent hack in the bridge infrastructure of Multichain.

The account, making rounds online, was reportedly created by malicious actors to look like the legitimate Twitter account of the Fantom Foundation to extract funds from crypto holders.

The tweet loaded with a fake reimbursement invitation and a phishing link, supported by Twitter bots and retweeted more than 6,000 times, has since been deleted by the platform.

It is worth noting this is not the first time one of the bridges on Multichain has been attacked, as multiple such incidents were reported last year.

Multichain enables its users to move tokens between various networks, but it has been facing operational and technical issues since news about its missing CEO surfaced online.

Join the Discussion