The Multichain Executor address has been draining tokens associated with the AnySwap bridging protocol, according to on-chain sleuth Spreek. The address has been moving the tokens to a new externally owned account (EOA). The transactions have resulted in approximately $263,524.33 worth of tokens being sent to this new address. Spreek suspects that this behavior may be part of the normal functioning of the protocol, but also notes that a different account engaged in similar behavior the day before and sold the drained tokens, suggesting malicious intent. The on-chain sleuth theorizes that the attacker may be using the anySwapFeeTo function to drain users’ funds by setting fees to an arbitrarily large amount. The Multichain incident, which involved over $100 million worth of token withdrawals, has puzzled blockchain analysts, and the source of the anomaly remains unknown. Circle and Tether have frozen some of the addresses involved in the strange transactions. The Multichain team has reported that their CEO is missing and that they have shut down some bridges due to a loss of access to network servers.