Multichain announced onFriday that CEO Zhao Jun and his sister were involved in illegal withdrawals of more than $130 million last week. The team said Zhao Jun was arrested by Chinese police on May 21 and has not responded since.
The protocol features a multi-party computing (MPC) system similar to a multi-signature wallet. According to Multichain, these MPC node servers were operated under Mr. Zhaojun's personal cloud server, and access was limited only to Mr. Zhaojun.
Enforcement agents also seized all of his equipment, including phones, hardware wallets, PCs, and recovery phrases. "This also means that all of the team's funds and server access are entrusted to the Zhao military and police," they said.
After Mr. Zhao Jun's arrest, his family reportedly used information from his home computer to access the cloud server platform. However, they only gave Multichain's team engineers limited access to fix specific technical issues related to the router, they said.
IP addresses associated with remittances from China
After the fraudulent transmission on July 7, Zhaojun's sister found the credentials sent from her IP address in Kunming, a city in Yunnan, China. She also encountered a number of transactions involving transfers from MPC addresses. After withdrawing, she moved the remaining user resources to an external address and notified the team. She was also later arrested by law enforcement, according to the multichain team.
Multichain has gone out of service and will attempt to shut down the site
The team faced challenges in maintaining operations due to limited access to non-MPC servers and limited legal advice to cooperate with Zhaojun's family's demands.
Lacking alternative sources of information and being unable to shut down the website, Multichain was forced to cease operations. We asked GoDaddy, the domain registrar, to cooperate with us in shutting down the site. This exploit affected multiple tokens including Wrapped Bitcoin, USDC, DAI, and LINK