On March 25th, 2023, the crypto community’s warning against fake Arbitrum (ARB) airdrops materialized as hackers managed to drop a phishing link into Arbitrum’s official Discord server. Blockchain-focused security firm CetriK revealed the possibility of a phishing link being circulated on Arbitrum’s Discord server. It is suspected that a hacked Discord account of one of Arbitrum’s developers was used to share a fake announcement with a phishing link. The phishing message on Discord offered “the opportunity to re-claim an additional stake in Arbitrum DAO Governance” while citing issues during the initial token claim drive. However, the supporting URL misspelled Arbitrum as “Arbtirum” – a deception technique used in phishing attacks.
Clicking on such a phishing link usually navigates the unsuspecting victims to a fake website prompting them to enter personal information, such as a wallet’s private key. Further investigation from Cointelegraph shows that clicking on Arbitrum’s phishing link takes users to a blank website with the text “Astaghfirullah,” which translates to “I seek forgiveness in God.” In modern times, it can also be used as an expression of disbelief or disapproval, according to Wiktionary. Until further clarification from Arbitrum, investors are advised against interacting with the announcement. Investors must be vigilant about unrealistic claims and deceptions as hackers try to cash in on the hype.
Arbitrum has not yet responded to Cointelegraph’s request for comment. This situation highlights the need for companies to have robust security measures in place to prevent their platforms from being exploited by hackers. Such a breach not only causes harm to platform users but can also cost the company their reputation and trust. Companies must ensure that their developers and employees follow best practices when it comes to account access and sharing information.
This incident also highlights the need for users to exercise caution when participating in airdrops, especially with new projects. Airdrops are often used as a marketing tactic to attract users to a new project; they are airdropped free tokens in exchange for performing certain actions. However, scammers often create fake airdrops to trick users into giving away their private keys or other sensitive information.
Meanwhile, two airdrop hunters managed to bag approximately $3.3 million worth of ARB. As Cointelegraph reported, one wallet received $2 million in ARB, while another collected around $1.38 million worth of tokens. Airdrops can be a lucrative strategy for early adopters and can create hype around a project. Still, users must be cautious of fake airdrops and ensure that they are using legitimate sources when claiming tokens. It is essential to conduct thorough research before participating in any airdrops and to remain vigilant for any red flags that suggest a possible scam.
This situation also highlights the importance of blockchain security companies such as CetriK. Blockchain is a decentralized system that relies on cryptography to secure assets; however, it is not entirely foolproof. Companies like CetriK specialize in blockchain security and are responsible for identifying vulnerabilities and threats that can be exploited by hackers. They use techniques such as penetration testing and code auditing to identify and prevent such threats. As the blockchain industry continues to grow, so will the need for cybersecurity companies that specialize in blockchain.
In conclusion, the phishing incident on Arbitrum’s Discord server emphasizes the need for robust security measures and caution when participating in airdrops. Companies must ensure that their platforms are secure and that their developers and employees follow best practices when it comes to account access and sharing information. Users must be vigilant for any red flags that suggest a possible phishing attack, such as misspelled URLs or unrealistic claims. Blockchain security companies such as CetriK play a vital role in identifying and preventing threats to the blockchain industry’s security. As the industry continues to grow, so will the need for such companies.