Multichain users who didn't update their approvals as instructed yesterday have been exploited and have lost 445 wrapped ether ($1.4 million), the project tweeted on Tuesday.
- On Monday, Multichain instructed its users to remove approvals for six tokens and said otherwise their assets would be exposed to a security vulnerability. The tokens in question were WETH, PERI, OMT, WBNB, MATIC and AVAX.
- Decentralized finance security firm Dedaub first found the flaw, which Multichain said it had fixed.
- Because the users have to be the ones to remove the approvals, there isn't much Multichain can do, PeckShield told CoinDesk in a Twitter message.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.