Blockchain

Multichain Hacker Returns 322 ETH, Charges High Finder Fees

[ad_1]

In a dramatic twist, a multi-chain hacker this week has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and an affected user.

However, the hacker kept 62 ETH ($187,000) as a “bug bounty”, and all After the exploit, 528 ETH (worth $1.6 million) remained outstanding.

earlier this weekIt was reported that there was a security breach in Multichain associated with the tokens WETH, PERI, OMT, WBNB, MATIC and AVAX, and $1.43 million was stolen.Multichain Announce On January 17, the critical vulnerability was “reported and fixed.”

However, publicity about the vulnerability reportedly encouraged many different attackers, and more than $3 million in funding is stolen. Critical vulnerabilities for the six coins remain, but Multichain has withdrawn around $44.5 million from multiple bridges to secure them.

One of the hackers, a self-described “white hat,” has been communicating with Multichain and a user who lost $960,000 in the past day or so to negotiate a return of 80 percent of the funds in exchange for a hefty finder fee.

According to January 20 tweet Hackers from ZenGo wallet co-founder Tal Be’ery claim they have been “saving” the rest of Multichain’s users from being attacked by bots, a defensive hack.

Funds are returned in four installments trade. On January 20, the hacker returned 269 ETH ($813,000) directly to the user he stole from in two transactions and kept a bug bounty of 50 ETH ($150,000).

A relieved user responded to the hack:

“Very welcome, thank you for your honesty.”

Overnight, the hackers also returned 50 ETH ($150,000) to the official Multichain address in two transactions and kept a bug bounty of 12 ETH ($36,000).

Related: Multichain asks users to revoke approval in ‘critical vulnerability’

Multichain (formerly Anyswap) aims to be “the ultimate router for Web3”. The platform currently supports 30 chains, including Bitcoin (BTC), Ethereum (ETH), Avalanche (AVAX), Litecoin (LTC), Terra (LUNA) and Fantom (FTM).

in a tweet On January 20, the co-founder and CEO of Multichain Zhaojun admitted that the Multichain bridge contract needs to suspend the function in response to similar events in the future.

Cointelegraph has reached out to the project for comment.