In a July 10 report, Chainalysis has questioned whether the larger amount of funds flowing out of Multichain in the past few days may be the result of a rug pull by insiders.
Chainalysis explained that in most security attacks, hackers tend to swap tokens issued by an institution – which can be quickly frozen – into decentralized tokens. However, the hackers still kept USDC and USDT instead, so Circle and Tether successfully stopped the outflow with 65 million USDC and 2.5 million USDT respectively.
Chainalysis also added that the exploit occurred due to the MPC system, a type of multi-signature wallet that requires confirmation from many parties at the same time. Therefore, the attacker must have sufficient MPC keys to gain access.
Although cross-chain bridge exploits can be difficult to predict, Chainalysis has eliminated the possibility that the Multichain codebase is at fault because the project has conducted code audits. Therefore, the Multichain hack appears to have been caused by compromised keys rather than by flawed code.
Multichain has been exploited for nearly $130M on July 7 and $120M on July 10. These funds were sent to many wallet addresses in the form of many different tokens. Then, Multichain has suspended bridge transactions without explanation, leaving the community confused and worried.
Chainalysis claimed that the CEO of Multichain, known as “Zhaojun,” vanished in late May as the most overt manifestation of these internal problems. As a result of the platform’s delayed transactions and other technical issues, Binance stopped supporting a number of its bridging tokens on July 7.