Multichain: Arrested founder and family held all the keys
‘All the team’s funds and access to the servers are with Zhaojun and the police,’ the Multichain team said
Iaremenko Sergii/Shutterstock.com modified by Blockworks
Multichain revealed on Friday that CEO Zhaojun and his sister were responsible for the unauthorized withdrawals of over $130 million last week.
The team disclosed that Zhaojun had been detained by Chinese police on May 21 and had been unresponsive ever since.
Its protocol has a multi-party computation (MPC) system, similar to a multi-signature wallet. Multichain said these MPC node servers were operated under Zhaojun’s personal cloud server, meaning access was limited to him alone.
Moreover, authorities confiscated all of his devices, including computers, phones, hardware wallets and recovery phrases.
“This also means that all the team’s funds and access to the servers are with Zhaojun and the police,” they said.
Following Zhaojun’s arrest, his family is believed to have accessed the cloud server platform using information from his home computer.
However, they granted limited access to Multichain’s team engineers solely for the purpose of addressing specific router-related technical issues, they said.
IP address linked to fund transfers originating from Chinese city Kunming
In the aftermath of the unauthorized transfers on July 7, Zhaojun’s sister discovered login details originating from an IP address in Kunming, a city located in China’s Yunnan province. She also came across a sequence of transactions involving the transfer of funds from the MPC addresses.
After the withdrawals, she moved the remaining user assets to externally owned addresses and notified the team. Subsequently, she too was detained by law enforcement authorities, according to the Multichain team.
Multichain shuts down services, looks to take down website
The team said it has faced challenges in maintaining operations due to limited access on non-MPC servers and legal advice to cooperate with the demands of Zhaojun’s family.
With a lack of alternative sources of information and the inability to bring down their website, Multichain said it has been forced to shut down operations. It has asked domain registrar GoDaddy to help bring the website down.
The exploit affected multiple tokens, including wrapped bitcoin, USDC, DAI, and LINK.
Chainalysis suspected that the exploit may have been an inside job, which appears prima facie correct, although the extenuating circumstances remain unknown.
Multichain’s native token MULTI has plunged over 40% since news of its difficulties emerged.
Zhaojun’s arrest in May coincided with the reported detention of Trust Reserve staff, a yuan-backed stablecoin issuer. Trust Reserve’s offices were found empty with a notice of judicial seizure.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
