CertiK Identifies $140K Signature Verification Exploit on Arbitrum

Blockchain security firm CertiK has detected a significant exploit on Arbitrum, where an attacker leveraged a signature verification vulnerability to steal approximately $140,000 from various smart contracts.

The breach, identified on March 10, was initially flagged by CertiK’s alert system, which pointed to multiple suspicious transactions carried out by the attacker.

How the Hacker Stole $140K from Arbitrum

CertiK revealed that the exploit was executed through an arbitrary smart contract call vulnerability, effectively allowing the attacker to bypass signature verification mechanisms.

Typically, signature verification ensures that only authorized smart contract actions can be executed.

However, in this case, the attacker managed to deceive victims into unknowingly approving a fraudulent contract.

Once granted approval, the malicious contract initiated external calls, allowing the attacker to transfer funds without requiring legitimate user signatures.

CertiK’s AI-powered transaction monitoring tool, CertiKAIAgent, later issued a follow-up alert, warning users about the exploit.

According to CertiKAIAgent, the attack followed a predictable but highly effective method often seen in DeFi security breaches.

The attacker first deployed a malicious contract to exploit vulnerabilities in unverified swap adapter contracts.

Unsuspecting users then unknowingly approved the contract, providing the attacker with the necessary permissions.

By leveraging external function calls, the attacker bypassed signature verification and transferred funds out of user wallets.

Finally, the stolen assets were withdrawn via the `transferFrom()` function, which is commonly used in DeFi transactions.

Furthermore, the AI urged affected users to revoke contract approvals immediately to mitigate further losses.

The attack on Arbitrum could erode confidence in the platform, especially if security loopholes persist. Such incidents often lead to liquidity providers and traders withdrawing funds.

The Arbitrum team has yet to respond publicly to the incident. However, it is clear something is definitely not right on the chain.

Crypto Security Breaches: A Growing Concern

The attack on Arbitrum is the latest in a series of high-profile security breaches plaguing the cryptocurrency sector.

A recent report by Immunefi, a leading blockchain security firm, detailed that February 2025 saw an astronomical surge in losses due to crypto hacks and exploits.

According to the report, total losses in February reached a staggering $1.5 billion, an almost 20x increase from January’s $73.9 million.

The biggest contributor to these losses was the Bybit exchange hack, which accounted for $1.46 billion and was the largest crypto hack in history.

Other significant breaches included Infini Stablecoin Bank, which lost $49.5 million; zkLend, which suffered a $9.5 million exploit; Ionic Money, which reported losses of $8.6 million; and Cardex, which lost $400,000 due to an attack.

Year to date, the cryptocurrency sector has already suffered over $1.6 billion in losses, surpassing the total losses recorded for the entirety of 2024.

Interestingly, the report highlights that while decentralized finance (DeFi) suffered more attacks, centralized finance (CeFi) platforms accounted for a significantly larger portion of total funds lost.

The Bybit hack alone contributed to over 95.5% of total losses in February, reinforcing concerns about the security of centralized exchanges.

Meanwhile, BNB Chain and Ethereum were the most frequently targeted blockchain networks, experiencing four attacks each.

As it stands now, Arbitrum has yet to release an official statement, and the attack has undoubtedly caused commotion in the crypto community, especially those that use the chain.

If this security concern remains unaddressed, the chain risks losing user trust and liquidity, potentially stalling further growth.

The post CertiK Identifies $140K Signature Verification Exploit on Arbitrum appeared first on Cryptonews.