A white-hat hacker has returned 322 Ethereum (around $900,000) after an exploit drained Multichain users of more than $3 million worth of crypto this week. 

Up to $1.5 million worth of Ethereum is still at large, however.

Multichain is a cross-chain router protocol that bridges users between thirty different blockchains, including Bitcoin, Ethereum, and Terra. 

This week’s critical vulnerability appears to have affected six tokens on the protocol: Wrapped ETH (WETH), Peri Finance Token (PERI), Official Mars Token (OMT), Wrapped BNB (WBNB), Polygon (MATIC), and Avalanche (AVAX).

On Monday, Multichain announced on Twitter that the problem had been “reported and fixed.” 

However, more attackers swooped in after the announcement and were still able to exploit the protocol through the same vulnerability, with one hacker stealing as much as $1.43 million

The White Hat Multichain hacker

In the badlands of crypto, critical vulnerabilities aren’t just exploited by criminals for self-interested motives, they also draw the attention of blockchain vigilantes called “white hat” hackers, who exploit vulnerabilities to report them and collect a bounty. 

​​

One of the attackers that attacked Multichain after Monday’s announcement was a white hat. 

The hacker returned 322 ETH (around $900,000) to an affected user and kept 62 ETH ($173k) as a bounty for themselves.

Ethereum
ETH
-1.89%$1,832.16

24H7D1M1YMAX
Created with Highcharts 10.3.3Apr 4Apr 6Apr 8Apr 10Apr 12Apr 14Apr 16Apr 18Apr 20Apr 22Apr 24Apr 26Apr 28Apr 30May 2$1300$1400$1500$1600$1700$1800$1900$2000

The hacker also returned 52 ETH ($139,000) to Multichain and kept around 12 ETH as a bounty. 

Around 527 ETH, or just under $1.5 million, is still missing, however. 

On Thursday, Multichain CEO and co-founder Zhaojun took to Twitter and confirmed ZenGo wallet co-founder Tal Be’ery’s theory that the vulnerability was due to the fact that Multichain’s bridge contracts need a pause function to prevent loss of funds in the future.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.