Hackers have continued to exploit a vulnerability in the cross-chain bridge Multichain about three days after the weakness surfaced, and have stolen about $3 million in cryptocurrency, according to a report by the online publication Vice.
“The hack against Multichain users keeps getting worse,” Vice reporter Lorenzo Franceschi-Bicchierai tweeted.
A number of Multichain users have said on social media platforms, including the company’s Telegram channel, that Multichain is not providing them with clear information on the ongoing problems or enough support.
“I can’t be the only one who’s incredibly confused by @MultichainOrg’s messaging here,” chainlink commentator and podcaster ChainLinkGod.eth 2.0 tweeted to his more than 130,000 followers. He included screenshots from a Medium post indicating that “funds were safe and unsafe at the same time”
I can’t be the only one who’s incredibly confused by @MultichainOrg’s messaging here
Schrodinger‘s funds, both safe and unsafe at the same time pic.twitter.com/AW8s8aAhHk
— ChainLinkGod.eth 2.0 (@ChainLinkGod) January 19, 2022
The saga started earlier this week when Multichain instructed its users to remove approvals for six tokens, warning that otherwise their assets would be exposed to a security vulnerability. The tokens were WETH, PERI, OMT, WBNB, MATIC and AVAX. Multichain tweeted on Tuesday that hackers had siphoned about $1.4M in wrapped ether from users.
The company has pinned a link to the Medium post on its Twitter account outlining how to remove the approvals.
Multichain, formerly Anyswap, raised $60 million in December in a seed funding round that was led by Binance Labs. Public data shows that Multichain has about $8.8 billion in total value locked.