CyVers Discovers $126M Multichain Hack
July 2023 by CyVers
The AI-based CyVers platform detected the bridge exploit on Thursday, July 6, and the team immediately notified Multichain and the Web3 community to ensure that action could be taken to minimize the potential for additional losses.
The Multichain team confirmed the assets were moved to an unauthorized address. However, they are still uncertain about the exact nature of the incident and have recommended that users suspend all services. CyVers suspects the exploit could be a hack, rug pull, or an insider job involving a compromised private key.
Following the incident, Circle and Tether swiftly blacklisted addresses holding $67.5 million in stolen Multichain assets. With operations temporarily halted and concerns arising about leadership absence and centralization, Multichain is under intense scrutiny
The CyVers platform was also the first to discover the PolyNetwork bridge hack on July 1.
Beyond being a bridge attack, the Multichain incident is unusual on two counts.
1) They were prepared. Two hours before it occurred, the hackers performed three test transactions of US$2 each to ensure they would avoid difficulties during the major hack.
2) The post-attack pattern was very different. Usually, hackers try to launder the money as quickly as possible by swapping it into DEX and CEX (as we saw in PolyNetwork case). This time, the money has not moved for a few days; it is still on the hackers’ addresses.
The $126M hack is the second biggest cyber-attack this year and a stark reminder of insufficiencies in Web3 security. With increasingly sophisticated hacks, more proactive, robust security is necessary to deal with the complexities and novel challenges of the Web3 environment.
CyVers identifies and mitigates such security threats by analyzing network behaviors in the blockchain transaction space. The platform collects cross-blockchain data and applies AI-based geometric anomaly detection to identify topological outliers and swiftly detect emerging threats, including smart contract exploits and private key leakage. This enables stakeholders to respond quickly and implement effective countermeasures against exploitation and money laundering.