CertiK reports $140K Arbitrum exploit via signature bypass

Blockchain security firm CertiK has identified a security breach on Arbitrum, where an attacker exploited a signature verification bypass to drain about $140,000.

On Mar. 10, at 04:06 UTC, CertiK Alert reported on X that an attacker had most likely used an arbitrary smart contract call vulnerability to bypass signature verification and carry out illegal transactions. Signature verification is an important security feature that guarantees only permitted smart contract actions can go through.

In this instance, the attacker deceived users into unwittingly authorizing a fraudulent contract. After approval, the contract made external calls, which gave the attacker the ability to move funds without requiring valid signatures.

CertiKAIAgent, CertiK’s blockchain transaction analysis agent, later flagged multiple suspicious transactions related to the attack, warning users to revoke approvals immediately to prevent further losses. 

According to CertiKAIAgent, this kind of vulnerability is especially common in decentralized finance, where a lot of contracts don’t have robust security checks. As of now, Arbitrum’s (ARB) team has not responded to the exploit.

However, it could shake confidence in Arbitrum’s DeFi ecosystem, making users and liquidity providers more cautious. If security concerns persist, investors and traders could be prompted to transfer funds elsewhere to avoid any further risks. 

The incident is one of many recent crypto security breaches. In February alone, hacks and frauds cost over $1.5 billion, as reported by crypto.news on Mar. 5. The three biggest losses were $1.4 billion from Bybit, $9.5 million from zkLend, and $49.5 million from 0xInfini.

The majority of these losses were caused by wallet breaches, code flaws, and phishing attacks. Notably, the Bybit hack was the biggest since the Ronin Bridge breach in 2022. In this hack, a hot wallet was compromised, which gave hackers access to a significant amount of the exchange’s funds.