• Arbitrum’s March 23 airdrop was reportedly hacked by someone who compiled vanity addresses eligible for ARB token rewards.
• The theft of the tokens makes it impossible for the original owners to reclaim their ARB tokens, amounting to a total of $500,000 worth of stolen tokens.
• 428 million unclaimed tokens are still available to claim, however certain eligible addresses that haven’t claimed their tokens could be in the category of hacked addresses.
Arbitrum Airdrop Hacked
An unexpected event occurred on Arbitrum’s March 23 airdrop when someone reportedly used hacked vanity addresses to siphon $500K worth of tokens from the layer-2 scaling solution.
What is a Vanity Address?
A vanity address is a customized cryptocurrency address containing specific words or phrases chosen by the user, aiming to make them more personal and easily identifiable. However, these types of addresses may not be as secure as expected as hackers can gain access to users‘ private keys and steal any crypto assets tied to that address if not handled properly.
Tokens Stolen
The tweet revealed that the tokens were taken by an individual who compiled vanity addresses eligible for ARB token rewards and then generated similar ones using vanity address generators which directed the airdropped tokens away from their original owners making it impossible for them to reclaim their funds.
Remaining Tokens
According to blockchain analytics platform Nansen, 428 million ARB tokens are still available to claim although 61% of eligible crypto wallets have already done so. The remaining 1.1 billion ARB allocated for Arbitrum’s airdrop amounts up to nearly $596 million as of publication time but certain eligible addresses may have been affected by this hack and remain unclaimed due to this occurrence.
Similar Attacks
This isn’t the first time scammers have compromised vanity addresses in the crypto space as MetaMask warned users about address poisoning back in January 2021 where similar tactics were used against innocent victims causing losses in digital assets held within those wallets.