Share this article
Multichain Says $1.4M in Ether Siphoned From Users Who Failed to Update Approvals
The cross-chain bridge urged users to remove approvals for six tokens after it was alerted to a security flaw.
Updated May 11, 2023, 3:40 p.m. Published Jan 18, 2022, 11:14 a.m. 1 min read
Multichain users who didn't update their approvals as instructed yesterday have been exploited and have lost 445 wrapped ether ($1.4 million), the project tweeted on Tuesday.
- On Monday, Multichain instructed its users to remove approvals for six tokens and said otherwise their assets would be exposed to a security vulnerability. The tokens in question were WETH, PERI, OMT, WBNB, MATIC and AVAX.
- Decentralized finance security firm Dedaub first found the flaw, which Multichain said it had fixed.
- Later on Tuesday, crypto security firm PeckShield revealed the wallet address where the stolen funds had been deposited. The address holds 455 ether as of the time of writing.
- Because the users have to be the ones to remove the approvals, there isn't much Multichain can do, PeckShield told CoinDesk in a Twitter message.
- Multichain, formerly Anyswap, is a cross-chain bridge which raised $60 million in December in a seed funding round that was led by Binance Labs.
Read more: Anyswap Rebrands to Multichain, Raises $60M Led by Binance Labs
More For You
The new earn product lets users generate BTC-denominated rewards through DeFi strategies while keeping exposure to bitcoin’s price.
What to know:
- Kraken launched Bitcoin Vault, a new product within Kraken Earn aimed at long-term bitcoin holders seeking passive yield.
- The product is powered by Veda and operated by Sentora, with funds deployed across DeFi protocols including Aave and Morpho.
- The crypto platform's broader DeFi Earn offering has grown to more than...
Top Stories
