Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The cross-chain bridge Multichain said that an important vulnerability affecting six tokens of WETH, PERI, OMT, WBNB, MATIC, and AVAX was officially discovered. Now the vulnerability has been successfully repaired, and all users' assets are safe and cross-chain. Transactions will not be affected. However, if the user has authorized these six assets, he needs to log in as soon as possible to revoke the authorization, otherwise the assets may be at risk. According to the official announcement on the 19th, because some users did not cancel the authorization in time, the stolen funds were about 445 WETH, worth about 1.43 million US dollars. Attack method (per SlowMist): The validity of the parameter is not checked. Reported loss: 455 ETH.
- chain
- —
- protocol
- Multichain
- bug_class
- unknown
- date_occurred
- 2022-01-18
- loss_usd
- —
- source_id
- sm:multichain::2022-01-18