During the Arbitrum airdrop that started the day before, unknown attackers stole $500,000 by forging the vanity addresses of legitimate recipients of tokens. This drew the attention of Twitter users.
Someone made $500k+ by claiming Arbitrum airdrop with hacked vanity addresses pic.twitter.com/aSWmx7MySS
— jq (@jackqack) March 23, 2023
Vanity addresses are vulnerable to brute force – a systematic search of all possible combinations of characters. The hackers received information about wallets eligible to receive ARB tokens, after which they generated similar ones by sending coins to them.
Affected users try to fix the problem on their own.
Dear @kucoincom my stolen $ARB token has been transferred to your exchange by the hacker. How can you help?
— CryptoLord NE
(@CryptoDefiLord) March 23, 2023
Airdrop participants have already received more than 914 million ARBs, or 79% of the total 1.1 billion ARBs allocated for distribution in the first stage, according to Nansen, an analytics company. 138,671 addresses have not yet requested governance tokens.
The ARB giveaway, which began on March 23, triggered network congestion, causing the Arbitrum Foundation sites and the Arbiscan on-chain browser to be temporarily unavailable.
Source: bitcoinlinux.com
