In a shocking turn of events, the cross-chain router protocol Multichain has been targeted in an exploit, resulting in significant losses.

The exploit specifically targeted Multichain’s Fantom bridge, leading to the extraction of valuable crypto assets such as WBTC, USDC, DAI, wETH, and Link. 

The stolen funds amounted to a staggering $126 million, with WBTC accounting for $30.9 million, wETH for $13.6 million, and USDC for $57 million.

Multichain’s Response And Security Firms’ Analysis Of The Exploit

On Thursday, July 6, blockchain security company PeckShield posted a screenshot on Twitter showing some concerning transactions happening in the Multichain wallet. The screenshot showed a significant amount of USDC, Wrapped BTC, and Wrapped ETH being moved in single transactions.

PeckShield later confirmed that the breach had indeed happened and that Multichain had lost over $126 million to the hack. The breach was also confirmed when Multichain itself took to Twitter to announce that assets held in their MPC address had been abnormally transferred to an unknown destination. 

As a precautionary measure, Multichain urged users to suspend the use of their services and revoke all contract approvals. Notably, most of the damage seems to have occurred with tokens on the Fantom blockchain.

Given this, Michael Kong, CEO of Fantom Foundation, expressed his commitment to investigating the incident and determining the extent of the damage caused.

This latest hack adds to the mounting challenges faced by Multichain, which has already experienced a drop in price due to rumors of arrests of key members.

Multichain’s Woes And Binance’s Response

Changpeng Zhao, CEO of the largest crypto exchange in the world, Binance, took to the platform to assure users that they had no exposure to the DeFi protocol. According to him, the exchange had already swapped out all of its assets from Multichain and disabled deposits as well.

The decision to halt deposits of 10 Multichain bridged tokens seems to have come just in time as Binance’s announcement happened on Wednesday, and Multichain was exploited on Thursday. This move from the exchange has likely saved its users millions of dollars.

However, the CEO offered Binance’s support to the DeFi protocol as they navigate the exploit. Cross-chain bridges have historically been susceptible to exploits, seeing the highest amount of funds stolen so far in the DeFi space. This is because cross-chain bridges are more likely to feature vulnerabilities as their security depends on the chains they are bridging.

According to a Token Terminal study released in December 2022, over $2.5 billion was lost to cross-chain bridge attacks between 2020 and 2022 alone. The Ronin Bridge exploit linked to South Korean hackers saw investors lose $650 million to the hackers in 2022.

Crypto.com has recently submitted legal documents, dated July 7, in a bid to recover from an erroneous $50,000 transaction and over $26,000 in additional funds generated as a consequence

The case revolves around an incident involving Georgia resident James Deutero McJunkins Jr., a Crypto.com user who allegedly received an erroneous deposit of $50,000 in his Crypto.com account on June 24, 2022.

McJunkins transferred these funds to a bank account on the day of the deposit. Crypto.com asked McJunkins to return the funds several times, and after he failed to do so, initiated an arbitration process. The firm lodged claims, including breach of contract, civil theft under Fla. Stat. § 772.11, unjust enrichment, and conversion.

Crypto.com received an arbitration award at the end of the process.  This result required McJunkins to pay $76,391.46 to Crypto.com within 30 days of the award being issued. However, McJunkins failed to meet this obligation, prompting the company to seek confirmation from the court through its latest legal filing.

The filing notes that the arbitration award could be vacated or modified in case of fraud, partiality, misconduct, abuse of power, miscalculation, or other issues in the arbitration process. However, Crypto.com said that these factors are not at play and notes that McJunkins did not respond to or dispute its arbitration award.

The awarded $76,391.46 is a sum total of $50,000 in actual damages, $1,786.11 in statutory interest, $21,205.35 in attorneys’ fees, and $3,400 in arbitration costs.

Crypto.com addressed another large error in 2022

Crypto.com addressed another erroneous transaction less than one year ago in late 2022. The crypto company paid more than $10 million to a user instead of the approximately $100 that it actually owed. The affected users were similarly charged with theft and have been compelled to return most of those funds.

These cases serve as a reminder that acceptance of large incorrect transactions can have legal repercussions, even if those transactions involve crypto.

The post Crypto.com seeks to recover $76K related to transaction error appeared first on CryptoSlate.