{"id":397015,"date":"2022-01-21T05:42:16","date_gmt":"2022-01-21T02:42:16","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/multichain-hacker-returns-322-eth-keeps-hefty-finders-fee\/"},"modified":"2022-01-21T05:42:16","modified_gmt":"2022-01-21T02:42:16","slug":"multichain-hacker-returns-322-eth-keeps-hefty-finders-fee","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/multichain-hacker-returns-322-eth-keeps-hefty-finders-fee\/","title":{"rendered":"# Multichain hacker returns 322 ETH, keeps hefty finders fee"},"content":{"rendered":"<p>&#8220;<strong># Multichain hacker returns 322 ETH, keeps hefty finders fee <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDEvZmRlMTAzOWEtYTY3ZC00YWRiLWFjNWItYmY4YTkyYjA3ZmYyLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-128018ef>In a dramatic twist, one of this week\u2019s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and one of the affected users.<\/p>\n<p>However the hacker kept 62 ETH ($187,000) as a \u201cbug bounty\u201d, and a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/MultichainOrg\/status\/1484083811101126656?s=20\">total<\/a> of 528 ETH (worth $1.6M) remains outstanding after the exploits. <\/p>\n<p>Earlier this week, <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a> emerged of a security vulnerability with Multichain relating to the tokens WETH, PERI, OMT, WBNB, MATIC, and AVAX, and $1.43 million was stolen. Multichain <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/MultichainOrg\/status\/1483110393543544832?s=20\">announced<\/a> on Jan. 17 the critical vulnerability had been \u201creported and fixed.\u201d<\/p>\n<p>However, publicity about the vulnerability reportedly encouraged a number of different attackers to swoop in, and more than $3 million in funds were stolen. The critical vulnerability in the six tokens still exists, but Multichain has drained around $44.5m of funds from multiple chain bridges to protect them.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Yeah, bridge contract need pause function. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/lPjLsE5EtR\">https:\/\/t.co\/lPjLsE5EtR<\/a><\/p>\n<p>\u2014 Zhaojun (@zhaojun_sh) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/zhaojun_sh\/status\/1484102614644002816?ref_src=twsrc%5Etfw\">January 20, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nOne of the hackers, calling himself a &#8220;white hat&#8221; has been in communication with both Multichain and a user who lost $960,000 in the past day or so, to negotiate returning 80% of the money in return for a hefty finders fee.<\/p>\n<p>According to a Jan. 20 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/TalBeerySec\/status\/1484148588057964549?s=20\">tweet<\/a> from ZenGo wallet co-founder Tal Be\u2019ery, the hacker claimed they hadbeen \u201csaving the rest\u201d of the Multichain users who were being targeted by bots, in an act of defensive hacking.<\/p>\n<p>The funds were returned across four <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/address\/0xfa2731d0bede684993ab1109db7ecf5bf33e8051\">transactions<\/a>. On Jan. 20 the hacker returned 269 ETH ($813,000) in two transactions directly to the user he stole it from and kept a bug bounty of 50 ETH ($150,000). <\/p>\n<p>The relieved user responded to the hacker:<\/p>\n<blockquote><p>\u201cWell received, thank you for your honesty.\u201d<\/p><\/blockquote>\n<p>Overnight, the hacker also returned 50 ETH ($150,000) across two transactions to the official Multichain address, and kept a bug bounty of 12 ETH ($36,000). <\/p>\n<p><strong><em>Related: Multichain asks users to revoke <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>rovals amid \u2018critical vulnerability\u2019<\/em><\/strong><\/p>\n<p>Multichain (formerly Anyswap) aims to be the \u201cultimate router for Web3.\u201d The platform supports 30 chains at the moment, including Bitcoin (BTC), Ethereum (ETH), Avalanche (AVAX), Litecoin (LTC), Terra (LUNA), and Fantom (FTM).<\/p>\n<p>In a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/zhaojun_sh\/status\/1484102614644002816?s=20\">tweet<\/a> on Jan. 20, the Co-Founder and CEO of Multichain Zhaojun conceded that Multichain bridge contracts need a pause function to deal with similar incidents in future.. <\/p>\n<p>Cointelegraph has contacted the project for comment.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more News articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/multichain-hacker-returns-322-eth-keeps-hefty-finders-fee\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Multichain hacker returns 322 ETH, keeps hefty finders fee &#8221; In a dramatic twist, one of this week\u2019s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router protocol and one of the affected users. However the hacker kept 62 ETH ($187,000) as a \u201cbug bounty\u201d, and a&#8230;<\/p>\n","protected":false},"author":1,"featured_media":397016,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDEvZmRlMTAzOWEtYTY3ZC00YWRiLWFjNWItYmY4YTkyYjA3ZmYyLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74894,74868,74891,74880,70944,73711],"class_list":["post-397015","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-blockchain","tag-defi","tag-ethereum","tag-transactions","tag-hackers","tag-investments"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/397015","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=397015"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/397015\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/397016"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=397015"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=397015"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=397015"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}