Arbitrum regains control of governance account after hack - Coinfea

Arbitrum has regained control of its governance account on blogging platform X after losing it to hackers on Tuesday afternoon. The platform also promised to review its security protocols to prevent more incidents.

In an X post published after access was restored late Tuesday evening, Arbitrum confirmed its governance handle was once again secure to interact with. The team also thanked those who flagged the unusual activity and spread word of suspicious posts made when the DAO account was hacked.

“We have regained control of the Arbitrum DAO account… Thank you to everyone who flagged suspicious activity and avoided engaging with the compromised posts. We’re reviewing our security protocols to prevent future incidents,” the team wrote.

Arbitrum account hacked to push airdrop phishing link

As previously reported by Cryptopolitan, the compromised account was used to spread messages about supposed usage-based rewards and token distributions. Several posts made by the hackers suggested that actions such as bridging assets, swapping tokens, providing liquidity, and participating in governance could qualify users for these benefits.

The deleted messages sought to create exclusivity, claiming rewards were limited to “real users” and exempting so-called “opportunistic actors.” Other posts reassured Arbitrum holders who saw the first post late that “it isn’t the end of airdrop season.” Such tactics are common in social engineering campaigns aimed at stealing from crypto communities.

Attackers convince digital currency investors to hand over their assets by telling them to click on links that eventually drain their wallets. The governance account breach is the latest security-related episode involving Arbitrum projects in just two months. On January 5, two projects deployed by the same developer suffered unauthorized withdrawals totaling an estimated $1.5 million.

According to blockchain monitoring service Cyvers Alert, hackers executed several suspicious transactions on Arbitrum after gaining administrative access and replacing smart contracts with malicious versions. Preliminary findings also showed that the deployer behind the USDGambit and TLP projects may have lost control of their account, allowing the attacker to deploy a new contract with ProxyAdmin permissions.

The stolen assets were later bridged back to the Ethereum main network and then passed through crypto-mixing services. Amid the governance incident, Arbitrum has been moving within a defined intraday range, between a session low of $0.1286 and a high of $0.1384. Market watchers observed the price pivoting near $0.1356 at the time of this reporting, close to flipping its 24-hour losses.