Quick Take
- A bug in cross-chain protocol Multichain has been exploited for $1.34 million, according to researchers.
- While the bug had already been fixed for new users, past users needed to take action to prevent themselves from being affected.
Cross-chain protocol Multichain (previously known as Anyswap) has been exploited for $1.34 million — according to security researchers PeckShield. This occured through a bug that the platform had recently dislosed.
On January 17, Multichain revealed that it had found a critical vulnerability and had fixed it. It said that the bug affected six tokens, including wrapped ether (WETH).
But the problem is that the protocol couldn't fix the bug from affecting past users who had interacted with the protocol. Instead, this required users to manually go to their wallets and revoke permissions that they had previously given to the protocol. Multichain said that these users should do this immediately otherwise their assets would remain at risk.
It appears that many users have not done so and the bug is now being exploited.
"Someone is exploiting this literally *right now*. If you haven't revoked approvals yet you should probably do so before it's too late," tweeted a Paradigm researcher known as Samczsun.
PeckShield identified that the funds have been transferred to a single blockchain address.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
暂时没有评论,赶紧抢沙发吧!