Initially reported as a “lucky” Arbitrum airdrop recipient, one crypto address appears to have actually scammed out over 600 different crypto wallets for more than 930,000 ARB tokens. Blockchain intelligence firm Arkham confirmed with Decrypt that they too have identified that the address “belongs to a hacker who is sweeping funds from Arbitrum users.” A closer look at the specific address’s transactions reveals that it received 933,365 ARB tokens from a different Arbitrum address on March 24, a day after the layer-2 network’s highly-anticipated airdrop. ARB is the native governance token behind the layer-2 scaling solution for Ethereum called Arbitrum. The source of those tokens is another contract whose creator is tagged as “Fake_Phishing18” on Arbitrum’s blockchain explorer. Independent on-chain researcher 0xKnight also confirmed that he found victim reports of the hack. Users complained that their ARB tokens had been “auto-claimed” to the hacker’s wallets. Ethereum smart contract developer Brainsy signaled the malicious contract created by “Fake_Phishing18” on March 24 as well. They said that interacting with the contract creates an additional transaction request that appears as if it’s from the sender’s wallet but instead is a phishing attack.
Full story : ‘Address Poisoning’ Attack Sees Scammer Make Off With $1.3M in ARB Tokens.