Cryptocurrencies, blockchain, NFT and new trends

Thief lays trap to claim 3 million ARB tokens in upcoming airdrop

Crypto Ecosystems • March 21, 2023, 1:17PM EDT | Provided by Arbitrum

Quick Take

  • A bad actor is trying to take advantage of 2,400 compromised crypto wallets to claim the Arbitrum airdrop on their behalf.
  • If the plan is successful, it could net them around 3 million ARB tokens, amounting to 0.26% of the user airdrop.

Stay updated on Pro Crypto Ecosystems news by locking ACS tokens with The Block.

Connect/Create Wallet You can unlock at any time.*
No wallet? No problem. You can set one up for free. We recommend Torus for first-time users.
*a 2% locking fee will be added at the time of locking. Learn more about Access Protocol

A would-be thief is laying the groundwork to intercept 3 million ARB tokens from the upcoming Arbitrum airdrop.

The crypto criminal sent ether to around 2,400 wallets in order to approve a contract that allows recipients to claim the airdrop, which is set for Thursday. Normally this wouldn’t be a problem, but this person also appears to have access to the wallets’ private keys.

The approved contract will automatically claim the airdrop on behalf of the thief, bypassing any bots that might be set up to sweep funds that land in the wallets. 

Word of the scheme was first brought to light by Arkham Intelligence and a post on GitHub. The ARB token will control the governance of the Arbitrum One and Nova networks through a DAO.

Since the bad actor knows the private keys for the wallets, wallet owners can’t necessarily block them. What they can do is revoke the contract that has been set up — but even then they would still need to manually claim the airdrop before the hacker does.

In a world often rife with exploits, this attempt to hijack an airdrop is unique.  If successful, it means the thief would end up claiming 0.26% of the user airdrop by siphoning them from wallets that aren’t their own. Such a move would undermine the goal of handing over governance to the most dedicated Arbitrum community members while at the same time depriving these wallets of their rightful claim.

Not possible on Arbitrum 

The fact that the drop is happening on Arbitrum, a layer2 scaling project, complicates matters for the wallets in question. If the airdrop was on the Ethereum blockchain, then it might be possible to use Flashbots to gain an edge in claiming the airdrop first — but that’s not possible on Arbitrum.

Some in the community have called on Offchain Labs to blacklist these wallets so that the bad actor doesn’t end up with all of the tokens. Yet this could stop legitimate users from having a chance to claim them.

At the time of the airdrop announcement, Offchain Labs CEO Steven Goldfeder told The Block there will be no changes to the airdrop allocation. The company has not addressed this specific issue.