Multichain Bridge Exploit: Trader’s $280K Becomes $1.9 M Windfall
A wallet address has managed to transform nearly 1.9 million Fantom tokens, initially worth $280,000, into $1.9 million after the long-frozen Multichain Bridge momentarily opened.
The Multichain Bridge, which had been inactive since its exploitation back in July 2023, opened and quickly closed on November 1st.
Capitalizing on this opportunity, a wallet address used depegged assets, such as Wrapped Bitcoin (wBTC), which were priced lower on the Fantom network compared to their equivalents on the Ethereum network to generate millions in profits.
looks like someone was able to drain ~$1MM from @MultichainOrg in the last ~3 hours even though it's supposed to be frozen
— devops199fan 🔪📜😅 ⌐◨-◨ (@devops199fan) November 1, 2023
The wallet address, starting with 0x4372, initially withdrew 1.9 million FTM tokens from the Binance exchange.
These tokens were then traded for Bitcoin on the Fantom Network, which was priced lower compared to other blockchains.
The trader then executed a cross-chain transfer, receiving 28.4 wBTC (equivalent to $977,000), 357 Ether (equivalent to $642,000), and 298,000 Tether USDT.
The assets were subsequently bridged out and transferred back to Binance.
Crypto Community Questions Who Opened Multichain Bridge
It is worth noting that it was not just the wallet address that drew the most attention, rather the crypto community focused their scrutiny on the “Multichain executor” responsible for the bridge’s momentary opening.
Earlier this year in July, the Multichain Fantom bridge was exploited for over $126 million.
During that incident, several ERC-20 assets, including 7,214 Wrapped Ether (wETH) tokens worth $13.6 million, 1,024 wBTC worth $31 million, and $58 million worth of USD Coin USDC, were drained.
Many individuals speculated on social media platforms, such as X (formerly Twitter), questioning the timing of the trade and suggesting it might be an inside job.
As the wallet address appeared to be the sole beneficiary of the bridge’s opening, some users contended that Multichain, dormant for over 120 days, was briefly activated solely to execute these specific transactions in favor of the wallet owner.
“Since the multichain debacle the bridge is closed so it’s not possible to do so Magically today the bridge reopened so this guy was able to buy BTC for cheap on Fantom and resell it on eth,” one Twitter user wrote.
This is the thing.
Since the multichain debacle the bridge is closed so it’s not possible to do so
Magically today the bridge reopened so this guy was able to buy BTC for cheap on Fantom and resell it on eth
— CryptoDinduz🤴🏼👻 (@CryptoDinduz) November 1, 2023
However, 0xScope, a Web3 data analytics firm, stated that there is currently no concrete evidence to support the theory of an inside job by the trader.
They noted that while Multichain still has operational chains, such as KCC, Moonriver, and Moonbeam, it is likely that the Multichain team is attempting to restart their operations.
The latest Multichain exploit comes shortly after DeFi project Onyx Protocol fell victim to a security breach, losing more than $2 million worth of crypto assets.
According to a post by blockchain security firm Polyzoa, the attacker exploited a rounding issue within the Onyx Protocol to steal $2.1 million worth of funds from the platform.
“The attacker exploited this issue to steal $2.1M from the oPEPE market, which had been deployed just five days prior with no liquidity,” the post read.