Hackers have continued to exploit a vulnerability in the cross-chain bridge Multichain about three days after the weakness surfaced. They have stolen about $3 million in cryptocurrency, according to a report by the online publication Vice.
"The hack against Multichain users keeps getting worse," Vice reporter Lorenzo Franceschi-Bicchierai tweeted.
A number of Multichain users have said on social media platforms, including the company's Telegram channel, that Multichain is not providing clear information on the ongoing problems or enough support.
"I can’t be the only one who’s incredibly confused by @MultichainOrg’s messaging here," Chainlink commentator and podcaster ChainLinkGod.eth 2.0 tweeted to his more than 130,000 followers. He included screenshots from a Medium post indicating that "funds were safe and unsafe at the same time"
The saga started earlier this week when Multichain instructed its users to remove approvals for six tokens, warning that otherwise their assets would be exposed to a security vulnerability. The tokens were WETH, PERI, OMT, WBNB, MATIC and AVAX. Multichain tweeted on Tuesday that hackers had siphoned about $1.4M in wrapped ether from users.
The company has pinned a link to the Medium post on its Twitter account outlining how to remove the approvals.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.