todayonchain.com

Attacker takes over multisig minutes after creation, drains up to $40M slowly

Cointelegraph
An attacker compromised a multisig wallet six minutes after creation, slowly draining and laundering up to $40 million over several weeks.

Summary

A whale's multisig wallet was compromised shortly after its creation. Forensic analysis suggests the attacker may have set up the wallet themselves and transferred ownership just six minutes after the victim created it on November 4th. Initial reports indicated losses of $27.3 million, but new findings suggest the total loss could exceed $40 million, with the funds laundered in staggered transactions through Tornado Cash. The wallet was also configured as a "1-of-1," meaning only one signature was needed, which undermined its intended multisig security. Experts suggest potential attack vectors included malware, phishing, or poor operational security, and emphasize the need for isolated signing devices and transaction verification beyond the user interface to prevent such incidents.

(Source: Cointelegraph)