Multichain Bridges Exploited for Nearly $130M Across Fantom, Moonriver and Dogechain

Multichain developers told users to revoke smart contract approvals after locked funds had been moved to an unknown address abnormally.

Jul 6, 2023 at 8:35 p.m. UTC
Updated Jul 11, 2023 at 5:42 p.m. UTC

Cross-chain router protocol Multichain has been exploited for nearly $130 million after an attacker siphoned capital out of numerous token bridges.

"The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally," Multichain wrote on Twitter. "The team is not sure what happened and is currently investigating. It is recommended that all users suspend the use of Multichain services and revoke all contract approvals related to Multichain."

The unexpected outflows stripped Multichain’s Fantom bridge of nearly its entire holdings in wBTC, USDC, USDT and a handful of altcoins. Together, the assets were worth over $130 million. On-chain sleuths described the activity as highly unusual; Fantom Foundation CEO Michael Kong told CoinDesk he was “looking into it.”

Multichain has been under pressure for over a month because of failing tech and its AWOL CEO. The trio of unexplained outflows from Multichain’s Fantom, Moonriver and Dogecoin bridge contracts sparked fears on crypto Twitter that a hack could be afoot. Multichain could not immediately be reached for comment.

Binance CEO Changpeng 'CZ' Zhao said that the exploit does not impact Binance users.

"Looks like another hack happened on Multichain. This DOES NOT affect users on Binance itself. We have swapped all assets out and closed deposits a while back. Regardless, we offer our assistance in helping with the situation," CZ wrote on Twitter.

Assets were transferred out of the Multichain Fantom bridge, with at least $20 million of the altcoins, including DAI, LINK and USDT, going to 0x9d57. Other transfers saw outbound moves of 1,023 wBTC (~$30.9 million), 7,214 wETH (~$13.6 million) and $57 million USDC between two separate addresses.

Multichain’s Moonriver bridge contract has seen $6.8 million in token outflows, with nearly all its wBTC, USDT, USDC and DAI going to 0x48BeAD. An address identified as Multichain’s Dogecoin bridge has seen over $600,000 in outflows of USDC.

UPDATE (July 7, 2023, 09:17 UTC): Updates headline and adds context on the exploit throughout.

Edited by Danny Nelson and James Rubin.


Danny Nelson

Danny is CoinDesk's Managing Editor for Data & Tokens. He owns BTC, ETH and SOL.

