Scam Alert: Unleash Protocol Faces Multisig Exploit

The post Scam Alert: Unleash Protocol Faces Multisig Exploit appeared on BitcoinEthereumNews.com.

Unleash Protocol has disclosed unauthorized activity involving its smart contracts that led to withdrawal and transfers of user funds. Investigations from CertiK Alert revealed deposits of Ethereum into Tornado Cash, following the Unleash Protocol exploit. Unleash Protocol investigates multisig exploit CertiK Alert disclosed on X that it detected deposits of 1,337.1 ETH, valued at about $3.9 million, transferred into Tornado Cash. The platform linked the transfer from the wallet address, 0xc946981F5dFBFA10cf858B95d51Fc06DCD15BfE3. CertiK Alert added that the funds trace back to suspicious withdrawals of Wrapped ETH and Story tokens from a possibly compromised multisig. The report comes shortly after Unleash Protocol announced it is investigating an exploit that led to the loss of users’ funds. #CertiKInsight 🚨 We have detected deposits of 1337.1 ETH (~$3.9M) into Tornado Cash from 0xc946981F5dFBFA10cf858B95d51Fc06DCD15BfE3. The fund traces to suspicious withdrawals of Wrapped ETH and Story tokens from a multisig that may have been compromised.… pic.twitter.com/YIFEAEwilc — CertiK Alert (@CertiKAlert) December 30, 2025 The Unleash Protocol team said initial investigation indicated that an externally owned address gained administrative control via its multisig governance.  Following the attack, the exploiters carried out an unauthorized contract upgrade that enabled unauthorized asset withdrawals. This occurred outside Unleash’s intended governance and operational procedures. The assets identified as affected include WIP, USDC, WETH, stIP and vIP. After the withdrawals, the exploiters bridged these assets using third-party infrastructure before sending them to external addresses. How Unleash is managing the exploit In its announcement, the Unleash Protocol team said there was no evidence of compromise to Story Protocol contracts, validators or underlying infrastructure. They also added that the impact appears limited to Unleash-specific contracts and administrative controls. The team, however, assured users that the investigation is still ongoing, and all conclusions will be confirmed before final disclosure. You Might Also Like To prevent further risk,…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ December 30, 2025 12:27 pm