Arbitrum has issued an urgent security alert after its ArbitrumDAO governance X account was compromised, with attackers posting phishing links disguised as airdrop promotions. The breach joins a relentless wave of social media takeovers targeting major crypto projects in early 2026. The compromised account directed followers to a fraudulent link at gov-arbitrum[dot]com, claiming a confirmed “ snapshot ” would reward long-term participants for bridging, swapping, and governance activity. Arbitrum’s official channels immediately urged the community to avoid all posts and interactions from the account until full access is restored. SECURITY ALERT The @arbitrumdao_gov account has been compromised. Do not click any links or interact with posts from that account until further notice. We are working to recover access. Updates to follow. — Arbitrum (@arbitrum) February 3, 2026 Fake Airdrop Bait and the Anatomy of the Attack The posts framed eligibility as exclusive to “ real users, ” separating long-term participants from “ farmers ” and “ opportunists ,” while reassuring latecomers that “ this isn’t the end of airdrop season. “ The language closely mimicked legitimate project communications, making the phishing link especially dangerous for active ecosystem members. X Post Screenshot McKenna, managing partner at Arete Capital, has been on the front lines of these breaches. “ I think I’ve helped around 5-7 people with X account hacks over the last month including Plasma and now Arbitrum, ” he said , adding that the connection he made at X, following North Korean hacking his account, is helping in these instances. His recommendation was pointed: “ Please ensure you use a password manager with physical YubiKeys to secure everything. Don’t wait, do it today. ” I think I've helped around 5-7 people with X account hacks over the last month including Plasma and now Arbitrum. It took me over a month night and day to get a connect at X exhausting every connection I had to get my account back post the North Korea hack. Please ensure you use… — McKenna (@Crypto_McKenna) February 3, 2026 This latest account takeover comes as North Korean hackers have pushed cumulative crypto theft to $6.75 billion, personal wallet compromises have surged to 158,000 incidents in 2025, tripling the 2022 figure. Source: Chainalysis In fact, as reported by Cryptonews , wallet drainer losses, despite falling 83% to $84 million, remain a persistent threat. High-Profile Crypto Accounts Breached Across Platforms The Arbitrum hack follows a string of devastating compromises across the industry. Scroll co-founder Ye Chen’s X account was hijacked in January , with attackers reshaping his profile to mimic X’s official branding and flooding his extensive network of crypto executives and developers with phishing messages disguised as copyright violation warnings. BNB Chain’s official account was also breached in October, prompting Binance co-founder CZ to warn followers to “ Please do not click on any links recently posted from this account. “ Binance co-CEO Yi He’s WeChat account was separately hijacked in December, with attackers executing a pump-and-dump on the meme token MUBARA that netted roughly $55,000 before retail buyers were left exposed to a sharp price reversal. ZKsync and Matter Labs were breached via delegated accounts, with attackers posting fake claims of an SEC investigation that sent ZK’s price down 5% despite a prior 38.5% weekly rally. Watcher.Guru fell separately after fake Ripple-SWIFT partnership claims spread across Telegram, Discord, and Facebook via automated content bots. Phishing Dominates as 2026 Opens With Record Losses These attacks are unfolding against historic crypto crime levels, with the U.S. Marshals Service also confirming an investigation into a hack of federal digital-asset accounts. TRM Labs reported $158 billion in illicit crypto activity in 2025 , up 145% year-over-year, while Chainalysis documented over $3.4 billion in outright theft, with North Korean state hackers responsible for $2.02 billion. 2026 started even worse, with CertiK confirming roughly $370.3 million lost to exploits in January alone. Phishing accounted for $311.3 million of that total, dwarfing the $51.5 million attributed to code vulnerabilities, as IPOR Labs’ $336,000 Arbitrum vault exploit compounded the damage. A $282 million hardware wallet social engineering theft also set a new individual record, with the attacker converting stolen Bitcoin and Litecoin into Monero to obscure the trail. Phishing has been a particular problem, with a December victim losing $50 million to address poisoning , while a separate $3.05 million USDT theft stemmed from signing a malicious transaction. Beyond individual targets, hijacked YouTube accounts netted attackers over $939,000 through fake trading bot promotions. Even worse, Betterment users received phishing notifications promising to triple their Bitcoin and Ethereum deposits. Step Finance loses $30 million in Solana treasury hack as STEP token plunges 90% amid broader DeFi security crisis. #Solana #StepFinance https://t.co/WiqvLg0XJI — Cryptonews.com (@cryptonews) February 1, 2026 February also started with a massive hack, with Step Finance confirming multiple breaches of treasury and fee wallets that resulted in $30 million stolen. The post Arbitrum Issues Urgent Warning After Official X Account Compromised appeared first on Cryptonews .
