Top

Suspected Malicious Activity Drains AnySwap Tokens via Multichain Executor

Web3 & Enterprise·July 13, 2023, 12:06 AM

According to an on-chain sleuth known as Spreek, a person is using the Multichain Executor to drain tokens associated with the AnySwap bridging protocol.

Multichain is a cross-chain routing network, established and maintained by a Chinese developer team. It supports in excess of 25 blockchains and more than 1,100 tokens.

Photo by Marek Piwnicki on Unsplash

 

$100 million outflow

This revelation comes after abnormal outflows of over $100 million from Multichain bridges on July 7, which were flagged by the Multichain team. Spreek’s report via Twitter on July 10 states that the Multichain Executor address has been draining anyToken addresses across multiple chains and transferring them to a new externally owned account (EOA).

Evidence provided in the report includes an Ethereum transaction, 0x53ede4462d90978b992b0a88727de19afe4e96f0374aa1a221b8ff65fda5a6fe, which called the “anySwapFeeTo” method on the Multichain Router: V4 contract. This transaction resulted in approximately $15,275.90 worth of anyDAI being minted on Ethereum, sent to the Multichain Executor, burned, and exchanged for the underlying DAI backing the asset.

The funds from these transactions were sent to the following address:0x1eed63efba5f81d95bfe37d82c8e736b974f477b. Similarly, on the BNB Smart Chain (BSC), the Multichain Executor used the anySwapFeeTo function to convert $208,997 worth of anyUSDC into Binance-pegged USDC and sent them to the same address. Additionally, 50.80 anyBTC, equivalent to $39,251.43 at the time, was converted into Binance-pegged Bitcoin and sent to the address.

In total, approximately $263,524.33 worth of tokens were sent to this address through the anySwapFeeTo method. Spreek suggests that this behavior could be part of the protocol’s normal functioning. However, a different account engaged in similar activity the day before and ultimately sold the drained tokens, indicating malicious intent.

 

Potential exploit

Spreek theorizes that the attacker may be exploiting the anySwapFeeTo function by setting fees to an arbitrarily large amount, allowing them to drain users’ funds. The function apparently permits setting any value, enabling the address to choose the total value of the token held in that anyToken.

The Multichain incident has puzzled blockchain analysts, as it remains unclear whether it resulted from an exploit or if it was simply large token-holders moving their funds between networks. The mystery began on July 7 when over $100 million worth of tokens were withdrawn from the Ethereum side of Multichain’s bridges and transferred to wallet addresses with no prior transactions. This represented the majority of funds held on each bridge.

 

Hack or rug pull

The Multichain team labeled these withdrawals as “abnormal” and advised users to stop using the protocol. However, they have not disclosed the source or nature of the anomaly. In response to the incident, stablecoin issuers Circle and Tether froze some of the addresses involved in the suspicious transactions. Chainanalysis, a blockchain analytics firm, has commented that the incident appears more like a hack or rug pull rather than a migration.

Adding to the complexity, the Multichain team has reported that their CEO is missing, and they have shut down certain bridges due to losing access to some of the network’s multi-party computation network servers. There have been various concerns relative to Multichain since May. The situation continues to evolve, with ongoing investigations and efforts to mitigate any potential damage caused by the suspected malicious activity.

More to Read
View All
Policy & Regulation·

Dec 22, 2025

South Korea plans to revive crypto ICOs under stricter disclosure and oversight rules

South Korea is set to allow initial coin offerings (ICOs) next year, easing a ban on crypto fundraising that has been in place since 2017. A draft of the Digital Asset Basic Act, prepared by the Financial Services Commission, would allow domestic sales of digital assets if issuers meet disclosure requirements, the Maeil Business Newspaper reported. The measure is intended to address concerns about tokens that are initially listed on overseas exchanges before becoming available to South Korean investors. The legislation outlines tougher accountability standards for crypto issuers. Projects that provide false information or fail to disclose material details in their whitepapers ahead of an ICO could be held liable for investor losses. Liability would also extend to other parties substantially involved in an offering, including outsourced operators and market makers.Photo by Y K on UnsplashStablecoin issuers need Korean presenceSeparate provisions set out rules for stablecoins, barring tokens issued by entities without a physical presence in South Korea from domestic trading, a restriction that would apply to widely used stablecoins such as USDT and USDC. Issuers would be required to fully back stablecoins with reserves such as cash or government bonds held at banks or financial institutions and would be prohibited from paying interest to users. The proposal reflected the FSC’s position on the second phase of digital asset legislation focused on stablecoin issuers. The issue remains subject to inter-institutional debate, with the Bank of Korea pressing for a bank-led consortium model for stablecoin issuance. The ruling Democratic Party of Korea (DPK) is expected to review a consolidated bill combining proposals from the government and the National Assembly next month, with plans to advance the legislation during the regular parliamentary session in the first quarter of 2026. The FSC’s focus on consumer protection is also reflected in its plans to introduce a Digital Finance Security Act, detailed in a recent report to the presidential office. According to Digital Asset, the proposed legislation would establish rules for traditional financial institutions as well as electronic financial businesses and virtual asset service providers. The move came after a 44.5 billion won ($30 million) hacking incident last month at Upbit, the country’s largest crypto exchange. Existing regulations under the Virtual Asset User Protection Act do not contain provisions specifically covering such cases. Separately, the FSC is working to strengthen its response to emerging forms of financial crime, including transnational offenses and crypto-enabled money laundering. It said measures under consideration included adding state-level criminal organizations to the list of entities barred from financial transactions, improving anti-money-laundering (AML) rules to better align with international standards, and expanding the scope of the travel rule. On the supervisory side, the commission intends to make the Virtual Asset Division a permanent unit after initially establishing it as a temporary body, News1 reported. The Virtual Asset Inspection Division within the Financial Intelligence Unit is also set to become a standing unit. Price declines weigh on exchangesThe stepped-up regulatory focus has coincided with a broader downturn in the crypto market. Bitcoin is trading below $89,000, about 30% below its all-time high of $126,000 set earlier in October. CoinGecko data cited by IT Chosun showed average daily trading volume across South Korean exchanges falling to $2.95 billion in November from $4.41 billion in August, with trading fees accounting for about 98% of exchange revenue. The broader market weakness has also been accompanied by declines in altcoins. South Korean crypto investors attributed the recent drop in altcoin prices to capital flowing into major cryptocurrencies such as Bitcoin and Ethereum. A weekly survey conducted by CoinNess and Cratos showed that 41.7% of the 2,000 respondents cited capital concentration in leading tokens as the primary factor, followed by the growing number of altcoins at 31.6%, their limited practical value at 14.7%, and technical factors such as chart patterns at 12.1%. 

news
Web3 & Enterprise·

Apr 03, 2025

Japan’s SMFG expresses interest in stablecoin launch

Sumitomo Mitsui Financial Group (SMFG), a leading Japanese multinational financial services corporation and holding company, has outlined plans to launch a stablecoin.Photo by JJ Ying on UnsplashIn a press release published on its website on April 2, the company outlined details of a memorandum of understanding (MOU) it has signed with a view towards initiating discussions on the commercial use of stablecoins. Among the parties that have signed the MOU is Sumitomo Mitsui Banking Corporation (SMBC), Japan’s second-largest bank and a core unit of SMFG’s overall business. Other parties include local IT firm TIS, Inc., digital asset infrastructure firm Fireblocks and Ava Labs, the creator and developer behind the Avalanche layer-1 blockchain. Developing a framework for stablecoin issuanceThe agreement will see these stakeholders collaborate in an effort “to develop a framework for stablecoin issuance and circulation, including exploring key technical, regulatory, and market infrastructure requirements both in Japan and further afield.” The initiative will seek to examine a number of stablecoin use cases that SMFG believes can best leverage the characteristics of stablecoins. These include “a settlement method for tokenized financial and real-world assets (RWAs), such as government and corporate bonds, as well as real estate.” The company acknowledged that the tokenization of RWAs has been growing rapidly, with stablecoins emerging as an important settlement tool. It also acknowledged their growing use in the areas of international remittances, corporate payments and small-value, high-frequency transactions. SMBC sees potential in the use of stablecoins to reduce reliance on intermediaries where cross-border payments are concerned, improving upon traditional finance which relies on use of the SWIFT financial messaging network. It has identified savings that can be made in terms of the time taken to effect cross-border transactions and associated costs. According to a report published by Japanese financial news outlet Nikkei on April 1, Ava Labs is expected to use its know-how in order to construct the foundational basis for the stablecoin.  Meanwhile, Fireblocks will be responsible for the development of a management system for any stablecoin token that is subsequently issued as a consequence of the initiative. It will also get involved with the development of system security in relation to the project. The bank will work with TIS to support the developmental phase of the project. While the initiative is currently at the planning stage, trials are scheduled to begin during the second half of this year.If all goes to plan and work proceeds as per the schedule that has been established, a stablecoin could potentially be issued as a consequence sometime in 2026. It’s not the first time that SMBC has delved into consideration of stablecoins. Last September, it joined with Mitsubishi UFJ Financial Group (MUFG) and Mizuho to launch Project Pax, a cross-border stablecoin transfer platform. That initiative relies upon Progmat, a distributed ledger technology (DLT) platform founded by MUFG for the purpose of tokenization and the issuance of stablecoins. Japanese legislators have been working towards adding an amendment to the Payment Services Act, with some changes proposed relative to stablecoins. The changes would permit greater diversity in terms of stablecoin reserves. 

news
Policy & Regulation·

Aug 07, 2023

The Need to Distinguish Between Security and Non-Security Virtual Assets

The Need to Distinguish Between Security and Non-Security Virtual AssetsWith the recent enactment of the Virtual Asset User Protection Bill in South Korea, there is a need to lay out criteria for determining whether virtual assets qualify as securities, says Kim Ja-bong, a senior research fellow at the Korea Institute of Finance, in his report titled “The Implications of Determining Which Virtual Assets Constitute Securities and Investor Protection” released on Saturday.Photo by Shubham Dhage on UnsplashThe implications of the Virtual Asset User Protection ActThe Virtual Asset User Protection Act — which will take effect in July of next year — aims to protect customer assets, establish regulations against unfair trading practices, and enforce penalties. Notably, it will target virtual assets that are not securities, deeming it necessary for regulators to determine if virtual assets qualify as securities or not in order to enforce the bill. Assets with characteristics of securities will fall under the jurisdiction of the Capital Markets Act.Therefore, if the Virtual Asset User Protection Act does not provide sufficient investor protection, issuers may be incentivized to issue non-security assets rather than security assets to avoid the regulations of the Capital Markets Act. This further necessitates the act of distinguishing between virtual assets that are securities versus those that are not.Determining if a virtual asset is a security or notThere are two approaches to do this, according to Kim: the passive approach, which avoids considering a virtual asset as a security whenever possible, and the active approach, which treats a virtual asset as a security whenever applicable.He argues that it is better to focus on whether an investment contract qualifies as a security if it is considered an investment contract, rather than simply selecting a specific approach.Furthermore, the nature of virtual assets renders them unbound by national borders, so it is necessary to establish assessment criteria that correspond with international standards, such as those used in the US and Europe.This is especially important because if the criteria differ from international standards, there is a risk of domestic investors suffering damages due to an issuer’s pursuit of regulatory arbitrage between countries.Equitable recognition and potential for security tokensAccording to Kim, the importance of determining whether virtual assets are securities lies in ensuring that security tokens receive the same recognition and trading treatment as traditional securities such as stocks. With such a measure, security token offerings can serve as an efficient and reliable method for raising funds. Although there may be concerns that such a regulation may hinder the development of virtual assets, it may well be an opportunity for security tokens to be qualified and trusted as high-quality financial instruments just like existing securities, Kim claims.Even for virtual assets that are not considered securities, there are many types of assets that are financial in nature, such as e-money tokens — therefore, it is necessary to actively protect investors in non-security virtual assets through financial regulations such as reinforcing disclosure obligations, which is being done in the EU through the Markets in Crypto-Assets Regulation (MiCA).Empowering regulators for enhanced investor protection and market integrityKim underscored that investor protection and healthy growth of the virtual asset market are made possible mainly through expanding regulators’ authority to protect economic interests and prevent damages. The author also suggested institutional reforms that grant regulators substantial authority, which would enhance their ability to protect investors effectively and provide compensation for damages.He added that regulators should also have the authority to enforce liability for damages or impose civil penalties for unfair trading practices conducted using classified information.

news
Loading