Multichain (previously Anyswap), a Cross-chain Router Protocol (CRP) that allows for on-chain asset interoperability, has warned its users that they might be at risk of getting hacked. To forestall this risk, users have been advised to revoke wallet permission for 6 tokens listed on the platform.
Multichain directs users on how to mitigate the risk of getting hacked
According to a blog post by Multichain (MULTI), a security vulnerability has been found that affects six cross-chain tokens on its platform. The vulnerability was identified by crypto-security firm Dedaub and has been fixed. However, users of the platform will have to log in and revert wallet permissions granted to the six affected tokens including wrapped Ethereum (WETH), PERI Finance (PERI), Mars Token (OMT), Wrapped Binance Coin (WBNB), Polygon (MATIC), and Avalanche (AVAX).
If you ever have approved any of these 6 tokens on the Router(WETH, PERI, OMT, WBNB, MATIC, AVAX), please login into https://app.multichain.org/#/approvals to remove any approvals of the 6 tokens asap, the post directs.
Multichain adds that while the technical details of the threat were yet to be exposed, all other assets on the platform were safe. It also provides guidance on how users can go about revoking permissions for the affected tokens.
Multichain previously suffered from a hack last July, while it was still Anyswap. Its V3 bridge was exploited, with the hackers draining over $3 million worth of USDC and Magic internet money (MIM) coins. At the moment, the platform has over $8 billion in total value locked, comprising over 1300 tokens from 10 different blockchains.
Malicious actors already attacking crypto platforms in 2022
Multichain has not been the only platform to report a security risk on their platform this year. Crypto.com became the first centralized crypto exchange to fall victim to a Cryptocurrency hack in the new year. Multiple user complaints have emerged that their crypto balances have been mysteriously reduced, with some reporting that all their crypto was gone. Crypto.com has addressed the issue. In a tweet, it announced that it has shut down all withdrawals and assured users that the funds were safe.
In another hack this year, CityDAO, a decentralized land ownership platform, fell victim to a $95,000 hack by fraudsters on gaming instant messaging site Discord. The latest spate of hacks is coming after the crypto space saw over $10 billion worth of crypto stolen last year in DeFi, and CEX hacks, as well as rug pulls and crypto scams according to an estimate by Immunefi.