{"id":47106,"date":"2023-03-24T06:21:02","date_gmt":"2023-03-24T10:21:02","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=47106"},"modified":"2023-03-24T06:21:05","modified_gmt":"2023-03-24T10:21:05","slug":"hacked-vanity-addresses-used-to-steal-500k-arb-tokens","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/hacked-vanity-addresses-used-to-steal-500k-arb-tokens\/","title":{"rendered":"Hacked vanity addresses used to steal $500K ARB tokens"},"content":{"rendered":"\n<p>In the Arbitrum airdrop hack, an individual reportedly compiled vanity addresses eligible for <a href=\"https:\/\/coinscreed.com\/staging\/arbitrum-warns-community-of-fake-airdrops.html\" target=\"_blank\" rel=\"noreferrer noopener\">ARB airdrops<\/a>, which were then used to steal $500,000 worth of tokens from the layer-2 scaling solution airdrop on March 23.<\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full is-resized\"><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/03\/image-61.png\" alt=\"Hacked vanity addresses used to steal $500K ARB tokens\" class=\"wp-image-47109\" width=\"689\" height=\"483\" srcset=\"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/03\/image-61.png 632w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/03\/image-61-300x210.png 300w, https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/03\/image-61-150x105.png 150w\" sizes=\"(max-width: 689px) 100vw, 689px\" \/><figcaption class=\"wp-element-caption\">Hacked vanity addresses used to steal $500K ARB tokens<\/figcaption><\/figure>\n\n\n\n<p>A vanity address is a personalized cryptocurrency address that comprises unique words or phrases chosen by the user to make it more recognizable and personal. Yet, the negative involves the possibility of a security breach.<\/p>\n\n\n\n<p>The tweet explained that the tokens were stolen by an individual who compiled vanity addresses eligible to receive ARB tokens, generated similar addresses using vanity address generators, and routed the airdropped tokens to them instead. The compromise of these vanity addresses prevents the original owners from claiming their ARB tokens.<\/p>\n\n\n\n<p>Numerous crypto users expressed regret on Twitter after their ARB tokens were taken. The majority of affected individuals are unaware of the cause of the loss and do not know what to do about it.<\/p>\n\n\n\n<p>Establishing a vanity address necessitates the use of specialized software or services, which may undermine the security of the user's private key. If a hacker obtains the private key, they can take any <a href=\"https:\/\/coinscreed.com\/staging\/us-fed-regulators-warns-about-liquidity-risks-of-crypto-assets.html\" target=\"_blank\" rel=\"noreferrer noopener\">crypto assets<\/a> associated with the address.<\/p>\n\n\n\n<p>The excitement generated by Arbitrum's token giveaway overwhelmed several websites. Nansen claims that there are still 428 million ARB tokens available for claim.<\/p>\n\n\n\n<p>Approximately 240,000 addresses had not yet claimed their governance tokens as of late Thursday, despite the fact that 61% of eligible crypto wallets had already done so. The 428 million unclaimed tokens, valued at approximately $596 million at the time of publication, represent 37% of the total 1.1 billion ARB allocated for Arbitrum's airdrop.<\/p>\n\n\n\n<p>Considering these numbers, some eligible addresses that have not yet claimed their token may be compromised.<\/p>\n\n\n\n<p>This is not the first time that crooks in the cryptocurrency industry have <a href=\"https:\/\/www.google.com\/search?q=Hacked+vanity+addresses+used+to+steal+%24500K+ARB+tokens&rlz=1C1SQJL_enNG889NG889&oq=Hacked+vanity+addresses+used+to+steal+%24500K+ARB+tokens&aqs=chrome..69i57j0i546l2.948j0j9&sourceid=chrome&ie=UTF-8\" target=\"_blank\" rel=\"noreferrer noopener\">compromised vanity addresses<span class=\"wpil-link-icon\" title=\"Link goes to external site.\" style=\"margin: 0 0 0 5px;\"><svg width=\"24\" height=\"24\" style=\"height:16px; width:16px; fill:#000000; stroke:#000000; display:inline-block;\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:svg=\"http:\/\/www.w3.org\/2000\/svg\"><g id=\"wpil-svg-outbound-7-icon-path\" fill=\"none\" clip-path=\"url(#clip0_31_188)\">\r\n                            <path d=\"M9.16724 14.8891L20.1672 3.88908\" stroke-linecap=\"round\"\/>\r\n                            <path d=\"M13.4497 3.53554L20.5208 3.53554L20.5208 10.6066\" stroke-linecap=\"round\" stroke-linejoin=\"round\"\/>\r\n                            <path d=\"M17.5 13.5L17.5 16.26C17.5 17.4179 17.5 17.9968 17.2675 18.4359C17.0799 18.7902 16.7902 19.0799 16.4359 19.2675C15.9968 19.5 15.4179 19.5 14.26 19.5L7.74 19.5C6.58213 19.5 6.0032 19.5 5.56414 19.2675C5.20983 19.0799 4.92007 18.7902 4.73247 18.4359C4.5 17.9968 4.5 17.4179 4.5 16.26L4.5 9.74C4.5 8.58213 4.5 8.0032 4.73247 7.56414C4.92007 7.20983 5.20982 6.92007 5.56414 6.73247C6.0032 6.5 6.58213 6.5 7.74 6.5L11 6.5\" stroke-linecap=\"round\"\/>\r\n                        <\/g>\r\n                        <defs>\r\n                            <clipPath id=\"clip0_31_188\">\r\n                                <rect fill=\"white\" height=\"24\" width=\"24\"\/>\r\n                            <\/clipPath>\r\n                        <\/defs><\/svg><\/span><\/a>. Metamask informed crypto users about address poisoning in January.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the Arbitrum airdrop hack, an individual reportedly compiled vanity addresses eligible for ARB airdrops, which were then used to steal $500,000 worth of tokens from the layer-2 scaling solution airdrop on March 23. A vanity address is a personalized cryptocurrency address that comprises unique words or phrases chosen by the user to make it [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":47109,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[13889,4579,1496,13888],"class_list":["post-47106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-arb-token","tag-arbitrum","tag-hack","tag-vanity-address"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/03\/image-61.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/47106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=47106"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/47106\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/47109"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=47106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=47106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=47106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}