Blockchain security company CertiK has identified a security breach on Arbitrum, in which an attacker exploited a signature verification bypass to drain around $140,000.
On March 10, at 04:06 UTC, CertiK Alert reported on X that an attacker likely used an arbitrary smart contract call vulnerability to bypass signature verification and carry out unauthorized transactions. Signature verification is an important security feature that ensures that only permitted smart contract actions can be performed.
#certikinsight🚨
Multiple suspicious transactions in Arbitrum by 0x97D8170E04771826A31C4C9B81E9F9191A1C8613 have been detected.
– March 10, 2025
In this case, the attacker deceived the user into unknowingly approving the fraudulent contract. After approval, the contract made an external call, giving the attacker the ability to move the funds without the need for a valid signature.
CertiK's blockchain transaction analysis agent, CertiKAIAgent, later flagged multiple suspicious transactions related to the attack, warning users to immediately revoke their approvals to prevent further losses.
🚨Potential exploits detected! 🚨 #certikaiagent
Suspicious Transaction https://t.co/bvwvbnhrjy on arbitrum could indicate an exploit of any external call! 🔎Important findings:
⚠️The victim unconsciously approved the attacker’s contract
💰External call detected – possible external…– March 10, 2025
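Acting on the advice to revoke approvals starts with knowing which approvals are still live. The sketch below is an added example, not code from the article or from CertiK: it replays ERC-20 `Approval` event logs for one owner and returns the approvals that were never revoked. All addresses, logs and function names in it are constructed for illustration.

```python
# Added example; all addresses and logs below are constructed sample data.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1

def topic_to_address(topic):
    # An indexed address is left-padded to 32 bytes; the address is the low 20 bytes.
    return "0x" + topic[-40:].lower()

def outstanding_approvals(logs, owner):
    """Map (token, spender) -> last approved amount for `owner`, omitting revoked entries.

    This is the last value approved, not the allowance left after any transferFrom.
    """
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 Approval has the same topic0 but four topics (indexed tokenId): skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[2]))
        amount = int(log["data"], 16)
        if amount == 0:
            state.pop(key, None)   # approve(spender, 0) is a revocation
        else:
            state[key] = amount    # a later approval overwrites an earlier one
    return state

def pad(addr):
    return "0x" + "0" * 24 + addr[2:]

def make_log(token, owner, spender, amount, block, index):
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x"), "blockNumber": block, "logIndex": index}

OWNER, OTHER = "0x" + "aa" * 20, "0x" + "ab" * 20
TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "22" * 20
SPENDER_X, SPENDER_Y = "0x" + "bb" * 20, "0x" + "cc" * 20
SAMPLE_LOGS = [
    make_log(TOKEN_B, OWNER, SPENDER_Y, 0, 105, 0),          # revocation, listed out of order
    make_log(TOKEN_A, OWNER, SPENDER_X, UNLIMITED, 100, 0),  # unlimited approval, never revoked
    make_log(TOKEN_B, OWNER, SPENDER_Y, 500, 101, 2),
    make_log(TOKEN_A, OTHER, SPENDER_X, 1000, 103, 1),       # different owner, ignored
    {"address": TOKEN_B, "topics": [APPROVAL_TOPIC, pad(OWNER), pad(SPENDER_X), pad(OWNER)],
     "data": "0x", "blockNumber": 104, "logIndex": 0},       # ERC-721 style log, ignored
]

if __name__ == "__main__":
    for (token, spender), amount in outstanding_approvals(SAMPLE_LOGS, OWNER).items():
        print(token, spender, "UNLIMITED" if amount == UNLIMITED else amount)
```

Any pair this returns for a spender the owner does not recognise is a candidate for revocation, with unlimited amounts first.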
According to CertiKAIAgent, this type of vulnerability is particularly common in decentralized finance, where many contracts do not have robust security checks. Currently, the Arbitrum (ARB) team is not exploited.
However, it could shake confidence in Arbitrum's DeFi ecosystem and make users and liquidity providers more cautious. If security concerns continue, investors and traders may be encouraged to transfer funds elsewhere to avoid further risk.
This incident is one of many recent crypto security breaches. In February alone, as reported by crypto.news on March 5, losses from hacks and fraud exceeded $1.5 billion. The three biggest losses were $1.4 billion from Bybit, $9.5 million from zkLend and $49.5 million from 0xInfini.
The majority of these losses were caused by wallet compromises, code defects, and phishing attacks. In particular, the Bybit hack was the biggest since the 2022 Ronin Bridge breach. In this hack, hot wallets were compromised, giving hackers access to a considerable amount of exchange funds.