Arbitrum Issues Urgent Warning After Official X Account Compromised

What Happened

“I think I’ve helped around 5-7 people with X account hacks over the last month including Plasma and now Arbitrum,” he said, adding that the connection he made at X, following North Korean hacking his account, is helping in these instances.

This latest account takeover comes as North Korean hackers have pushed cumulative crypto theft to $6.75 billion, personal wallet compromises have surged to 158,000 incidents in 2025, tripling the 2022 figure.

The Arbitrum hack follows a string of devastating compromises across the industry.

ZKsync and Matter Labs were breached via delegated accounts, with attackers posting fake claims of an SEC investigation that sent ZK’s price down 5% despite a prior 38.5% weekly rally.

Watcher.Guru fell separately after fake Ripple-SWIFT partnership claims spread across Telegram, Discord, and Facebook via automated content bots.

These attacks are unfolding against historic crypto crime levels, with the U.S. Marshals Service also confirming an investigation into a hack of federal digital-asset accounts.

TRM Labs reported $158 billion in illicit crypto activity in 2025, up 145% year-over-year, while Chainalysis documented over $3.4 billion in outright theft, with North Korean state hackers responsible for $2.02 billion.

2026 started even worse, with CertiK confirming roughly $370.3 million lost to exploits in January alone.

Phishing accounted for $311.3 million of that total, dwarfing the $51.5 million attributed to code vulnerabilities, as IPOR Labs’ $336,000 Arbitrum vault exploit compounded the damage.

Market Context

McKenna, managing partner at Arete Capital, has been on the front lines of these breaches.

Binance co-CEO Yi He’s WeChat account was separately hijacked in December, with attackers executing a pump-and-dump on the meme token MUBARA that netted roughly $55,000 before retail buyers were left exposed to a sharp price reversal.

Why It Matters

Arbitrum has issued an urgent security alert after its ArbitrumDAO governance X account was compromised, with attackers posting phishing links disguised as airdrop promotions.

The breach joins a relentless wave of social media takeovers targeting major crypto projects in early 2026.

Details

The compromised account directed followers to a fraudulent link at gov-arbitrum[dot]com, claiming a confirmed “snapshot” would reward long-term participants for bridging, swapping, and governance activity.

Arbitrum’s official channels immediately urged the community to avoid all posts and interactions from the account until full access is restored.

Fake Airdrop Bait and the Anatomy of the Attack

The posts framed eligibility as exclusive to “real users,” separating long-term participants from “farmers” and “opportunists,” while reassuring latecomers that “this isn’t the end of airdrop season.“

The language closely mimicked legitimate project communications, making the phishing link especially dangerous for active ecosystem members.

His recommendation was pointed: “Please ensure you use a password manager with physical YubiKeys to secure everything. Don’t wait, do it today.”

In fact, as reported by Cryptonews, wallet drainer losses, despite falling 83% to $84 million, remain a persistent threat.

High-Profile Crypto Accounts Breached Across Platforms

Scroll co-founder Ye Chen’s X account was hijacked in January, with attackers reshaping his profile to mimic X’s official branding and flooding his extensive network of crypto executives and developers with phishing messages disguised as copyright violation warnings.

BNB Chain’s official account was also breached in October, prompting Binance co-founder CZ to warn followers to “Please do not click on any links recently posted from this account.“

Phishing Dominates as 2026 Opens With Record Losses