Blockchain security firm CertiK has identified a security breach on Arbitrum where an attacker exploited a signature verification bypass to drain about $140,000. The attacker deceived users into authorizing a fraudulent contract that made external calls without requiring valid signatures. CertiK alerted users to revoke approvals immediately to prevent further losses. The breach highlights concerns about security in decentralized finance and may prompt users to transfer funds elsewhere to avoid risks.
The decentralized finance (DeFi) ecosystem has been rocked by yet another security breach. According to blockchain security firm CertiK, an attacker exploited a signature verification bypass on Arbitrum, a popular layer-2 scaling solution, to drain approximately $140,000 from unsuspecting users [1].
The attacker took advantage of a fraudulent contract that made external calls without requiring valid signatures. CertiK alerted users to revoke approvals immediately to prevent further losses, emphasizing the importance of vigilance in the face of potential security threats [1].
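The mechanism described above, a contract that forwards external calls without checking the signature that is supposed to authorise them, next to a hardened version that does, as an added illustration (hypothetical contracts written for this page, not code from CertiK, Arbitrum, or the contract involved in the incident):

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical executor that forwards an external call on behalf of `owner`.
// Illustrates the "external calls without valid signatures" pattern; it is
// not the contract involved in the incident.
contract VulnerableExecutor {
    address public owner;
    constructor(address _owner) { owner = _owner; }

    // BUG: the signature parameter is accepted but never verified, so anyone
    // can make this contract call any target, e.g. transferFrom on a token
    // that users previously approved to this contract.
    function execute(address target, bytes calldata data, bytes calldata /* sig */)
        external returns (bytes memory)
    {
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}

contract HardenedExecutor {
    address public immutable owner;
    uint256 public nonce; // replay protection: each signature is usable once
    constructor(address _owner) {
        require(_owner != address(0), "zero owner"); // ecrecover returns 0 on failure
        owner = _owner;
    }

    function execute(address target, bytes calldata data, uint8 v, bytes32 r, bytes32 s)
        external returns (bytes memory)
    {
        // Bind the signature to this contract, this chain, the current nonce
        // and the exact call being authorised, so it cannot be replayed or
        // reused for a different target or calldata.
        bytes32 digest = keccak256(abi.encodePacked(
            "\x19Ethereum Signed Message:\n32",
            keccak256(abi.encode(address(this), block.chainid, nonce, target, keccak256(data)))
        ));
        require(ecrecover(digest, v, r, s) == owner, "bad signature");
        nonce++; // consume the nonce before the external call (checks-effects-interactions)
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}
```

For users, the corresponding check is the one CertiK advised: review which contracts still hold token allowances and revoke those that are not needed.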
This incident serves as a stark reminder of the risks associated with DeFi and the need for robust security measures. In recent years, DeFi has gained significant traction due to its potential to provide greater financial access and transparency. However, as the ecosystem grows, so too do the risks [2].
The attack on Arbitrum follows a pattern similar to the infamous Bybit incident of February 2025, in which an attacker obtained three valid signatures to authorize a transaction that replaced the implementation contract of Bybit's Safe multi-sig wallet with a malicious one, resulting in the loss of approximately $1.46 billion [3].
The Bybit incident marked the largest breach in Web3 history and highlighted the importance of secure coding practices and user education. The attacker in this case exploited a vulnerability in the Safe protocol, which is widely used in the DeFi ecosystem [3].
As the DeFi ecosystem continues to evolve, it is crucial that developers prioritize security and that users remain vigilant. CertiK's discovery of the Arbitrum security breach underscores the importance of ongoing security audits and the need for users to exercise caution when interacting with decentralized platforms [1].
References:
[1] CertiK. (2025, March 17). Arbitrum Security Breach: $140,000 Drained. Retrieved from https://www.certik.com/resources/blog/3wI26AFKF1UtSDjJEXNEDM-arbitrum-security-breach
[2] DeFi Pulse. (n.d.). Total Value Locked. Retrieved from https://defipulse.com/
[3] Decrypt. (2025, February 22). Bybit Hack: $1.46 Billion Stolen in Largest Crypto Heist Ever. Retrieved from https://decrypt.co/73278/bybit-hack-1-46-billion-stolen-largest-crypto-heist-ever