Hackers have continued to exploit a vulnerability in the cross-chain bridge Multichain about three days after the weakness surfaced. They have stolen about $3 million in cryptocurrency, according to a report by the online publication Vice.
"The hack against Multichain users keeps getting worse," Vice reporter Lorenzo Franceschi-Bicchierai tweeted.
A number of Multichain users have said on social media platforms, including the company's Telegram channel, that Multichain is not providing clear information on the ongoing problems or enough support.
"I can’t be the only one who’s incredibly confused by @MultichainOrg’s messaging here," Chainlink commentator and podcaster ChainLinkGod.eth 2.0 tweeted to his more than 130,000 followers. He included screenshots from a Medium post indicating that "funds were safe and unsafe at the same time"
The saga started earlier this week when Multichain instructed its users to remove approvals for six tokens, warning that otherwise their assets would be exposed to a security vulnerability. The tokens were WETH, PERI, OMT, WBNB, MATIC and AVAX. Multichain tweeted on Tuesday that hackers had siphoned about $1.4M in wrapped ether from users.
The company has pinned a link to the Medium post on its Twitter account outlining how to remove the approvals.
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.