Gate.ioBlogTether Blacklist Multichain’s Hacked ETH Address
Tether Blacklist Multichain’s Hacked ETH Address
11 March 11:22
[TL;DR]
Tether has frozen an Ethereum address holding over $715,000 in USDT, data reports from Etherscan have shown. The wallet address was linked to some hackers who stole about $3 million worth of cryptocurrency from Multichain. Before the hack, the team behind the Multichain project had warned users about a security vulnerability that the hackers eventually exploited.
It is not the first time that Tether would blacklist Ethereum addresses. After a breach in 2017 that resulted in the loss of $30 million worth of blocklisting.
Also, in January 2022, Tether blacklisted three Ethereum addresses that contained $160 million worth of USDT. This post will review the events leading up to the blacklisted Ethereum addresses.
In a 2020 news report by The Block, Tether reported that they had blacklisted 39 Ethereum addresses containing USDT. The blacklisting of Ethereum addresses started in 2017 after a massive breach led to the loss of $30 million worth of USDT.
-What is the purpose of the Ethereum Blacklist?
The primary purpose of the Ethereum blacklist is to freeze the funds in the wallet address.
When Tether freezes a wallet address, the account can neither receive nor send USDT. It means the wallet is unusable, and the funds are frozen. Tether devised the method of blacklisting wallet addresses to recover lost funds. For more context, Tether reported earlier in January that they have recovered about $87 million in lost USDT funds sent to wrong addresses since their inception in 2014. The company's primary method in recovering these funds is blacklisting these incorrect Ethereum addresses, rendering the funds in them useless.
The company has also been instrumental in helping law enforcement agencies by blacklisting addresses belonging to individuals under investigation.
The timeline of blacklisted Ethereum addresses shows that Tether first did it in 2017. By 2020, Tether had reportedly banned 39 Ethereum addresses. In September 2020, Tether reportedly blacklisted accounts that contained $35 million worth of USDT; these accounts were allegedly used to hack the Kucoin Exchange. Data show that by January 2022, over 563 Ethereum addresses have been blacklisted since inception, with 312 of those blacklisting happening in 2021 alone.
One of the significant blacklistings was done in January 2022 when Tether froze $150 million worth of USDT in three Ethereum addresses. Some crypto observers have criticized the system of blacklisting Ethereum addresses. According to Mike Chan, the Chief Commercial Officer of UTU technologies, the action is "the diametric opposite of what crypto is about."
Multichain Warns Users About A Security Flaw
Multichain notified its users of a security vulnerability exploited by malicious individuals. In a report by Yahoo Finance, about $3 million worth of USDT has been lost to the security breach.
In a public notice, Multichain, formerly Anyswap, asked all its users to remove approvals for six tokens. According to the platform, users that granted permissions to Wrapped ETH (WETH), Peri Finance (PERI), Official Mars Token (OMT), Wrapped BNB (WBNB), Polygon (MATIC), and Avalanche (AVAX) were at risk of a breach.
The hack, which started on Monday, the 17th of January, had led to the loss of over $3 million two days later. In a report on Vice, users were still getting hacked a week after Multichain reported they had "contained" the hack. According to the news report, $3.8 million worth of crypto was stolen by hackers.
Experts have expressed concern about the medium used by Multichain to make the announcement. In a news report by Vice, when Multichain made the information about the security flaw public and asked users to take action, they put the users in the line of fire. They inadvertently told the hackers about the vulnerable wallets by informing the public about the security breach. However, some experts have commended Multichain for the approach taken to protect their users. According to Yannis Smaragdakis, the co-founder of Dedaub, over 5,000 vulnerable wallets contained over $1 billion of cryptocurrency.
In another development, one hacker offered to return 80% of the stolen funds while keeping 20% as a "tip for saving your money." The message was in a transaction to the Wrapped ETH blockchain. It remains to be seen if Multichain has an insurance policy against such occurrences and if the victims will have their funds repatriated.
Author: Gate.io Observer: M. Olatunji Disclaimer:
* This article represents only the views of the observers and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.
This page is not intended for residents and citizens of Spain, Cuba, Bolivia, Venezuela and other Spanish-speaking jurisdictions listed in the Restricted Locations related terms of Gate.io's User Agreement.Español
This page is not intended for residents and citizens of France, Canada and other French-speaking jurisdictions listed in the Restricted Locations related terms of Gate.io's User Agreement.Français (Afrique)