Blockchain security and analytics firm Chainalysis suggests that the recent multi-million dollar exploit of cross-chain bridge protocol Multichain may have been an inside job or rug pull orchestrated by insiders. The unauthorized withdrawals, resulting in losses of over $125 million, point to a potential compromise of administrator keys. Chainalysis highlights recent internal issues faced by Multichain and the disappearance of its CEO, adding to the suspicions. While the investigation continues, questions arise about the platform’s security and the handling of centrally controlled assets.
Internal Rug Pull Suspicions:
Chainalysis indicates that the exploit targeting Multichain’s cross-chain bridge protocol could be an inside job or rug pull conducted by insiders. The compromise of administrator keys, potentially through an inside source, could have enabled the unauthorized withdrawals. This theory gains traction due to recent internal problems experienced by Multichain, including the CEO’s disappearance and technical issues affecting transactions.
Multichain’s Troubled History:
Multichain’s smart contracts employ a multi-party computation (MPC) system similar to a multi-signature wallet. However, the platform has faced challenges, including delayed transactions and technical difficulties leading to Binance discontinuing support for bridged tokens. Chainalysis highlights these issues as indicative of internal struggles within Multichain, raising suspicions surrounding the exploit.
Response from Chainalysis:
Chainalysis, describing the exploit as a possible rug pull, suggests that the compromised MPC keys may have been a factor in the unauthorized withdrawals. While it remains unclear whether an external hacker or an insider orchestrated the exploit, many experts and analysts lean towards the possibility of an inside job given the recent issues faced by Multichain.
Further Developments and Freezing of Assets:
Recent reports from blockchain sleuths indicate additional spurious movements of Multichain tokens. Abnormal outflows have been observed, with the Multichain Executor address draining various addresses across multiple chains. In response to the exploit, stablecoin issuers Circle and Tether froze assets worth over $65 million tied to Multichain. Chainalysis finds it intriguing that the exploiter did not swap out centrally controlled assets like USDC, which can be frozen by the issuing company.
The exploit of Multichain’s cross-chain bridge protocol raises suspicions of an internal rug pull or an inside job, according to Chainalysis. The compromise of administrator keys and the platform’s recent internal issues contribute to the speculation. As the investigation continues, questions arise about the security measures implemented by Multichain and the handling of centrally controlled assets. Further developments will shed light on the extent of the exploit and its implications for Multichain and the affected stakeholders.
