Cross-chain router protocol Multichain (formerly Anyswap) is asking users to revoke permissions on six tokens to avoid leaks due to a “critical vulnerability” currently being exploited by malicious individuals.
Users who allowed WETH, PERI, OMT, WBNB, MATIC and AVAX on the multichain platform are now at risk, experts warn. To avoid losses, the multichain team advises Users to revoke all permissions given to the specified tokens so they can protect their crypto assets.
Also multichain released a step-by-step guide on how users can easily revoke permissions. In a tweet, the company also advised users not to transfer any of the affected tokens before the permits were revoked.
The vulnerability was first discovered by a security company called Dedaub and reported to the Multichain team. The issue was then resolved and Multichain reports that all digital assets of their V2 Bridge and V3 Router are secured.
However, at the moment, hackers are still exploiting the vulnerability to gain access to users’ funds. At the time of writing, Multichain reports that a total of 445 WETH ($1,412,274.25) is affected.
Please revoke your permissions as soon as possible. Someone is taking advantage of this. https://t.co/fFGcrjNN0e
– Dedaub (@dedaub) January 18, 2022
Related: DeFi protocol Grim Finance lost $30 million in 5-fold reentrancy hack
Meanwhile, reports show that hacks and scams have cost users over $10.2 billion in 2021. However, despite the losses, the community is taking the appropriate measures to adapt. CEO and Founder of Security Immunefi, That’s what Mitchell Amador recently told Cointelegraph that “despite the emergence of entirely new vulnerabilities in the on-chain economy, the community is rapidly adapting.” According to Amador, the community is spreading the “best practices” for securing their digital assets.
Aside from Immunefi, many digital asset security firms are alert for possible hacks, scams, and carpet pulls. earlier this month, Certik identified Arbix Finance as a carpet puller, which warns users to stay away from the project to protect their digital assets.