Multichain victims seek clarity following $1.5B breach as fresh evidence surfaces.


On July 14, the developers of the $1.5-billion Chinese cross-chain protocol Multichain confirmed the fears of users. The protocol’s CEO, known only as “Zhaojun He,” was apprehended by Chinese authorities in Kunming on May 21 after months of consistent denials through official communication channels. Additionally, members of Multichain’s core team, based in Shanghai, were also reportedly arrested.

The reasons for Zhaojun’s arrest and the specific charges remain undisclosed. However, indications suggest that Multichain’s funds may have been confiscated as part of an anti-money laundering initiative amid a broader crackdown on cryptocurrency by Chinese officials. Furthermore, an alleged counterfeit ID used by the CEO to register Multichain’s operations raises additional questions.

Multichain co-founder Alfred Xu reassured that the development team was doing “just fine” on May 24 | Source: Telegram

Victims seek clarity

Despite earlier claims of decentralization, the Multichain team disclosed that the protocol’s multi-party computation servers and private keys were solely under Zhaojun’s control and were subsequently surrendered to law enforcement. With no access to these critical components, the protocol was forced to cease operations, and its team members became untraceable.

As of the announcement on July 14, $1.5 billion in total value locked on the Multichain bridge remains unreachable. An earlier attempt to “rescue” users’ assets reportedly led to the arrest of Zhaojun’s sister, according to the development team. Since the arrests began, funds on Multichain have been mysteriously transferred or bridged to unknown wallets.

Crypto investor ArkRide, who claims to have over $9,000 trapped in the Multichain protocol, established a victims group shortly after the incident. This group has since grown to over 300 members.

ArkRide informed Cointelegraph that when the group was formed, members were unaware of the identities of key Multichain executives. Subsequently, one member shared a document from the Singapore government’s Accounting and Corporate Regulatory Authority, purportedly a Multichain business filing. This document identifies “He Xiaokun,” a resident of Jiangsu Province, China, as the “Director” of the company. Following this revelation, some speculate that “Zhaojun He” may actually be a pseudonym for “He Xiaokun.” (In Chinese naming conventions, family names are placed first.)

A Singaporean business filing for the principal business entity behind Multichain. Source: Telegram

Several victims of Multichain have reached out to Chinese embassies and law enforcement in their respective countries seeking further information, but have received no replies.

Simultaneously, they were approached by the Fantom Foundation, one of the largest users of the Multichain bridge before its downfall. Through various Telegram messages, sources at Fantom indicated that they have engaged attorneys in China to aid in the recovery process and confirmed that Multichain co-founder Zhaojun had been detained by Chinese authorities.

“We’ve been collecting information from various parties and have contacted a Chinese law firm for guidance moving forward,” the source said. The source also mentioned that some of the Multichain funds have been frozen by centralized exchanges and stablecoin issuers, and that the foundation is working to have these funds distributed to victims. When questioned about the potential for a rug pull, the source stated: “I do not believe the MC team misappropriated funds.”

On July 14, Fantom co-founder Andre Cronje remarked that “Multichain was a significant setback” for the network, as a large portion of its total value locked consisted of Multichain derivative . According to blockchain data, stablecoin issuers Circle and Tether have frozen over $65 million in assets linked to the hack.

Cointelegraph reached out to the Fantom Foundation for comments but did not receive a response by the time of publication.

In a discussion with Cointelegraph, freelance content creator PJ Krypto stated that he lost an entire month’s paycheck from a client due to his funds being trapped within the Multichain protocol. He noted that this incident occurred on Aug. 1, nearly a month after the team had warned against using the protocol.

Multichain’s user interface provided no indication that it should not be used. (Aug. 23, 2023)

After his transfer took an unusually long time, PJ checked Multichain’s block explorer and observed an unusually high number of pending transactions. Concerned, he then reviewed the protocol’s social media accounts.

“Almost, my jaw dropped to the ground when I started reading everything,” he remarked, continuing:

“I don’t know, I guess, sometimes, you just kinda get comfortable. You’ve used something before, and it just works. And you get a little lackadaisical, and I think that’s where I got victimized […] the silly thing is, I could have just sent it to a centralized exchange.”

The content creator mentioned that his paycheck remains stuck in the Multichain protocol. Consequently, he has been unable to compensate his team for subcontracted work they completed for him in July and will likely need to cover these payments from August’s revenue. “It was a tough pill for them to swallow. I mean, they have bills, right? And I’m now behind on my bills for my content creation.”

ArkRide lost over $9,000 worth of cryptocurrency in Multichain on July 15 under similar circumstances. He expressed relief that his loss from the hack was relatively small and noted that he has encountered others who suffered far greater losses:

“My amount that I lost on Multichain is not as much as some people that I talked to lost because there were people who lost nearly half a million. I talked to a couple of guys who lost like $100K each, and there were some people who literally couldn’t stand from their beds, they told me they wanted to commit suicide or something like this.”

The investigation continues

The Chinese national ID system reveals troubling information regarding the actual director of Multichain. A Chinese national ID is a 15- or 18-digit number that includes an individual’s residing jurisdiction, date of birth, and gender.

A query indicated that the person listed as “He Xiaokun” in Multichain’s Singaporean registration documents was born on May 10, 1955. The same search for “Yang Qiumei,” another director noted in the Multichain registration file, shows that this individual was born on July 20, 1957. Xu Ruduo, the third director of Multichain — possibly referring to co-founder Alfred Xu — registered using a different type of ID. Alfred Xu has been unreachable since the arrest of his colleague.

The ID search query revealed that “He Xiaokun,” an individual listed as a Multichain director, is currently 68 years old and resides in a village in Jiangsu. Source: ID Search

Upon examination, Zhaojun appears too young to match the profiles of either “He Xiaokun,” age 68, or Yang Qiumei, 66. Both individuals are listed as living at the same address in a rural Chinese village.

A photo of Zhaojun circulated during his involvement in the crypto project Fusion, around 2017, and was previously his profile picture on his official Twitter account. Dejun Qian, co-founder of Fusion, confirmed that Zhaojun was in charge of Multichain at the time of the incident. The two had previously been engaged in a business dispute concerning Multichain, when it was formerly known as Anyswap.

Zhaojun He as listed in Fusion’s developer team. His biography states: “More than 10 years of experience in secure Linux R&D. Former technical director of a leading Chinese security operating system. Received a bachelor’s degree in software engineering from Dalian University of Technology.” Source: Fusion

Sources reviewed by Cointelegraph assert that from the outset (May 21), Chinese authorities accused Zhaojun of “money laundering” by bridging tainted assets from users through the Multichain protocol. Consequently, the police have sought to seize all protocol assets, whether user, enterprise, or tainted, as proceeds of crime. Although some of these seizures were thwarted when centralized exchanges or stablecoin issuers froze the funds, the remainder has reportedly been taken by Chinese authorities, according to these sources.

Wuwei Liang, a former employee of CoinXP, claims that in 2019 Chinese police detained the firm’s entire development team, confiscated protocol funds, and all related operations ceased. Liang Liang, the firm’s CEO, was subsequently charged with operating a “multi-level marketing operation” and a “pyramid scheme,” charges that, if he is convicted, could lead to the criminal seizure of the projects’ users’ and enterprise’s assets.

Some sources allege that during the trial this July, key witnesses and defense attorneys faced threats of legal intimidation. A presiding judge reportedly stated that “Presumption of innocence until proven guilty” is “not a correct principle” under Chinese law. The trial has been postponed.

CoinXP trial participants allegedly being apprehended by police | Source: Liang Liang

In a similar case on May 29, Chinese crypto exchange BKEX halted withdrawals, citing the need to cooperate with police regarding charges of “money laundering.” The exchange has remained inactive since, and, like Multichain, its team members are untraceable. Social media channels have also gone silent, and its website is offline.

Crypto exchange BKEX’s last message to users before halting withdrawals.

In another incident, the entire development team of offshore Hong Kong dollar and Chinese yuan stablecoin issuer Trust Reserve vanished in May following a police raid on their office. Local sources indicate that Trust Reserve developers were detained, though the charges remain unknown.

Allegations of corruption

In all these cases, law enforcement has neither informed investors of the charges against protocol developers nor provided any process for investors to recover their funds. CoinXP’s Liang asserts that this is because police are exploiting the legal system as a means of corruption to embezzle investors’ capital for their own gain:

“Defense lawyers would persuade the parties and their families [of arrested crypto executives] to comply, shut down servers, hand over [private] keys, and cooperate in pleading guilty, claiming that this will result in leniency. Little do they know that this makes it easy for law enforcement to profit from unlawful conduct, ‘legally’ pushing the parties towards prison and, at the same time, ‘legally’ taking away the digital assets that belong to the users, investors, and founding team.”

Regardless of the reason, the Chinese government has yet to address investors’ inquiries regarding the whereabouts of the funds and the reasons for their non-return to users.

Users such as ArkRide, PJ Krypto, and others in the “Multichain Scam” group have so far been unable to obtain answers regarding the fate of their hard-earned money. However, one fact remains clear: The Multichain exploit will be remembered as one of the most significant of 2023. Across the globe, Multichain users’ assets have inexplicably vanished. While some funds may be recoverable, many continue to endure the distress it has caused them.

Cointelegraph Editor Zhiyuan Sun contributed to this story.
