CertiK reports $140K Arbitrum exploit via signature bypass

CertiK detects signature verification exploit on Arbitrum leading to $140K loss


Blockchain security firm CertiK has identified a security breach on Arbitrum, in which an attacker exploited a signature verification bypass to drain around $140,000.

On March 10, at 4:06 am UTC, CertiK Alert reported on X that an attacker likely exploited a smart contract vulnerability to bypass signature verification and carry out unauthorized transactions. Signature verification is an important security feature that ensures only authorized smart contract actions can go through.

In this case, the attacker tricked users into unknowingly approving a fraudulent contract. Once approved, the contract made external calls, which allowed the attacker to move funds without requiring valid signatures.

CertiKAIAgent, CertiK's blockchain transaction analysis agent, then flagged several suspicious transactions related to the attack and warned users to revoke approvals immediately to avoid further losses.

According to CertiKAIAgent, this type of vulnerability is particularly common in decentralized finance, where many contracts lack robust security checks. As of now, the Arbitrum (ARB) team has not responded to the exploit.

However, this could shake confidence in Arbitrum's DeFi ecosystem, making users and liquidity providers more cautious. If security problems persist, investors and traders may be prompted to move funds elsewhere to avoid further risk.

The incident is one of many recent crypto security breaches. In February alone, hacks and fraud cost more than $1.5 billion, as reported by crypto.news on March 5. The three largest losses were $1.4 billion from Bybit, $9.5 million from zkLend and $49.5 million from 0xInfini.

The majority of these losses were caused by wallet compromises, code defects and phishing attacks. In particular, the Bybit hack was the largest since the Ronin bridge breach in 2022. The compromise gave hackers access to a large amount of the exchange's funds.


