In a Twitter alert late on Friday, the Fantom Foundation, the entity behind the Fantom network, highlighted three addresses connected to the Multichain exploit that had been blacklisted by USDC issuer Circle.

The addresses collectively held over $65 million in assets, the majority of which consisted of USDC.

In a separate update, the Fantom Foundation disclosed that USDT issuer Tether had frozen $2.5 million worth of funds that were transferred from Multichain.

The Multichain cross-chain router protocol was exploited on Thursday, with the team confirming $126 million worth of “abnormal outflows” from its MPC address. A significant portion of the exploited funds were withdrawn from Multichain’s Fantom bridge contract on Ethereum.

Fantom CEO Michael Kong allegedly told crypto analyst Ijaz Awan that the Multichain exploit did not appear to be a “normal hack” because the funds had not moved from the attacker’s wallet. 

“All the indications appear that private keys were used to move funds to certain wallets and nothing more,” Kong reportedly said. 

Meanwhile, shortly after the exploit, another group of scammers quickly swooped in to take advantage of the victims with a phishing scam. The scammers falsely claimed to represent the Fantom Foundation issuing an “emergency airdrop” to users affected by the Multichain incident, urging users to click a fraudulent link attached to tweets that have since been deleted.