Multichain users who didn’t update their approvals as instructed yesterday have been exploited and have lost 445 wrapped ether ($1.4 million), the project tweeted on Tuesday.
- On Monday, Multichain instructed its users to remove approvals for six tokens and said otherwise their assets would be exposed to a security vulnerability. The tokens in question were WETH, PERI, OMT, WBNB, MATIC and AVAX.
- Decentralized finance security firm Dedaub first found the flaw, which Multichain said it had fixed.
- Later on Tuesday, crypto security firm PeckShield revealed the wallet address where the stolen funds had been deposited. The address holds 455 ether as of the time of writing.
- Because the users have to be the ones to remove the approvals, there isn’t much Multichain can do, PeckShield told CoinDesk in a Twitter message.
- Multichain, formerly Anyswap, is a cross-chain bridge which raised $60 million in December in a seed funding round that was led by Binance Labs.
Read more: Anyswap Rebrands to Multichain, Raises $60M Led by Binance Labs