Arbitrum airdrop thief lays trap for compromised wallets.

A would-be thief is laying the groundwork to intercept 3 million ARB tokens from the upcoming Arbitrum airdrop.

The crypto criminal sent ether to around 2,400 wallets in order to approve a contract that allows recipients to claim the airdrop, which is set for Thursday. Normally this wouldn’t be a problem, but this person also appears to have access to the wallets’ private keys.

The approved contract will automatically claim the airdrop on behalf of the thief, bypassing any bots that might be set up to sweep funds that land in the wallets. 

Word of the scheme was first brought to light by Arkham Intelligence and a post on GitHub. The ARB token will control the governance of the Arbitrum One and Nova networks through a DAO.

Since the bad actor knows the private keys for the wallets, wallet owners can’t necessarily block them. What they can do is revoke the contract that has been set up — but even then they would still need to manually claim the airdrop before the hacker does.

In a world often rife with exploits, this attempt to hijack an airdrop is unique.  If successful, it means the thief would end up claiming 0.26% of the user airdrop by siphoning them from wallets that aren’t their own. Such a move would undermine the goal of handing over governance to the most dedicated Arbitrum community members while at the same time depriving these wallets of their rightful claim.

Not possible on Arbitrum 

The fact that the drop is happening on Arbitrum, a layer2 scaling project, complicates matters for the wallets in question. If the airdrop was on the Ethereum blockchain, then it might be possible to use Flashbots to gain an edge in claiming the airdrop first — but that’s not possible on Arbitrum.

Some in the community have called on Offchain Labs to blacklist these wallets so that the bad actor doesn’t end up with all of the tokens. Yet this could stop legitimate users from having a chance to claim them.

At the time of the airdrop announcement, Offchain Labs CEO Steven Goldfeder told The Block there will be no changes to the airdrop allocation. The company has not addressed this specific issue.

© 2023 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Source: https://www.theblock.co/post/221607/arbitrum-airdrop-arb-wallet-hijack?utm_source=rss&utm_medium=rss