Certic reports on the exploitation of $ 140,000 arbitrators via a Bajpas signature

Blockcain Security Firma Certik identified a violation of security on arbitrum, where the attacker used the detector of signature verification to take about $ 140,000.

10. March at 04:06 UTC, he confirmed by Certik Alert reported X that the attacker was most likely to use arbitrary vulnerability of the smart contract to circumvent the signature verification and conducted illegal transactions. The verification of signatures is an important security characteristic that guarantees only allow the actions of smart contracts can pass.

In this case, the attacker cheated users to unconsciously approval of a false contract. After the approval, the contract has executed external calls, which gave the attacker the possibility of moving funds without the need for a valid signature.

CertikaAgent, certik’s BlocCchain analysis of transactional analysis, later marked multi-suspicious attack transactions, warning users to immediately give up approvals to prevent further losses.

According to the certical, this type of vulnerability is especially common in decentralized finances, where a lot of contract does not have a robust security check. From now, Arbitrum’s (Bow) The team did not answer exploitation.

However, this could be shaken by the confidence in the Arbitrum deficister ecosystem, providing users and liquidity providers more cautiously. If security issues persist, investors and traders could be prompted to transfer funds to another place to avoid further risks.

The incident is one of the many recent violations for the CRIPTO safety. In February alone, hacks and fraud cost over $ 1.5 billion export Cripto.news.news 5. Marta. The three biggest losses amounted to $ 1.4 billion from BIBIT of $ 9.5 million from Zkling and $ 49.5 million of 0xinfins.

Most of these losses are caused by a wicket violation, missing code and phishing Attacks. It was implemented that Bibit Hack was the largest of Bridge Ronin Bridge offense in 2022. Year in this haku, a warm wallet was endangeredWhich hackers have given access to a significant amount of exchange funds.