Code4arena X account compromised, used for Paradigm endorsed phishing scam

A smart contract security marketplace Code4arena appears to be the latest victim of a SIM swap attack on X.

An X account for Code4arena, a smart contract auditing platform, was compromised allowing a hacker to publish a scam post luring people to believe an airdrop was endorsed by a venture capital firm.

In an X post that appeared on Nov. 27, 2023 the hacker published a post announcing an airdrop of ARENA tokens endorsed by Paradigm, a San Francisco-based crypto venture capital investment firm.

The scale of the hack is not immediately clear as no public statements from Code4arena have been made so far. According to external reports, however, the incident was the result of a SIM-swap attack. At the time of writing, the post is deleted, but crypto.news was able to independently verify the authenticity of the original post.

The attack comes only days after cybersecurity experts recently raised concerns regarding the safety of Blast, a new layer-2 network aimed at reducing transaction costs for digital collectibles. On Nov. 24, Blast said in an X thread that no contract code security is completely airtight and that each smart contract design has its own associated vulnerabilities.