지금 프로젝트를 보호하세요
최대 규모의 웹3 보안 제공업체로 프로젝트를 강화하세요.
CertiK 보안 전문가가 귀하의 요청을 검토 후 곧 연락드리겠습니다.

Multichain Collapse: The Private Key Leak That Drained $125M+

보고서 ·사고 분석 ·
Multichain Collapse: The Private Key Leak That Drained $125M+

Project name: Multichain

Project type: Bridge

Date of exploit: July 6, 2023

Asset loss: More than $125M

Vulnerability: Private Key Issue

Date of audit report publishing:

  • Nov 11, 2022: MultiChain Foundation - Cardano (Golang)
  • Nov 21, 2022: MultiChain Foundation - Aptos (Move)

Conclusion: Out of Audit Scope

Details of the Exploit

Background

Multichain is a centralized cross-chain bridge protocol that allows users to bridge tokens between chains.

Nature of the Vulnerability

  • The private key of Multichain is compromised, allowing the attacker to drain assets from the bridge protocol

CertiK Audit Overview

Screenshot 2024-01-08 at 6.04.37 AM

Conclusion

On July 6, 2023, the cross-chain bridge protocol Multichain experienced large unauthorized withdrawals, suggesting a likely Private Key issue.

It is identified as an out-of-scope issue since it is not an implementation bug.

관련 블로그

Resolv Protocol Incident Analysis
보고서 ·사고 분석

Resolv Protocol Incident Analysis

On 22 March 2026, the Revolv protocol was exploited, resulting in a loss of ~$26.8M due to a compromise of the project's cloud infrastructure which gave access to Resolv’s AWS Key Management Service (KMS).

Skynet Wrench Attacks Report
보고서 ·보안 보고서

Skynet Wrench Attacks Report

In 2025, wrench attacks unfortunately crossed a critical threshold. What was once treated as an edge-case risk has become a structural threat to digital asset ownership. Attackers are no longer acting opportunistically; they are operating as organized, transnational groups that combine OSINT-driven targeting, social engineering, and extreme physical violence to extract private keys.

Lessons from The Ledger Data Leak: How to Secure Your Crypto
기술 블로그 ·교육적인

Lessons from The Ledger Data Leak: How to Secure Your Crypto

The recent Ledger data breach serves as a stark reminder that security extends far beyond the blockchain itself. Indeed, the exposure of personal details, including contact information and postal addresses, has opened a new front for sophisticated cyberattacks targeting ledger customers.