Users lose millions of dollars in a massive phishing attack on Uniswap
After falling victim to a phishing assault that used the Uniswap V3 protocol, some users have reported losing a ton of ETH.
According to information gathered from a variety of sources, someone made off with more than 7,500 ETH.
The event was caused not by the Uniswap protocol itself but rather by the victims’ participation in fraudulent transactions.
⚠️ As of block 151,223,32, there has been 73,399 address that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LP's
Activity started ~2H ago
— harry.eth 🦊💙 (whg.eth) (@sniko_) July 11, 2022
A security staffer at Metamask was the first to discover the assault. He alerted Uniswap to the fact that the assault had begun around two hours earlier by posting a message on Twitter.
Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify @Uniswap? We can help. Thankshttps://t.co/OV3g7ayf77
— CZ 🔶 Binance (@cz_binance) July 11, 2022
CZ tweeted Uniswap about the assault six hours later. Zhao claimed Binance’s threat intel detected the hackers had taken over 4295 ETH. He asked the community to alert Uniswap.
Uniswap developer Hayden Adams acknowledged the assault was phishing and not related to the protocol. He advised users to avoid phishing and take safeguards. The smart contract seems good upon checking.
The victims were issued a malicious token called UniswapLP and directed to a website to swap it for UNI. The website stole critical data and wallet cash. Total losses are $8.1 million, although that number might rise when more is learned.
Punters may trade crypto using peer-to-peer technology rather than via traditional exchanges, such as Binance and the FTX, which are controlled by authorities. Uniswap, on the other hand, is a central institution in decentralized finance, or “DeFi.”
Phishing has emerged as one of the most common techniques used by hackers to steal cryptocurrency, despite the fact that there are several other ways this may be accomplished.
The unfortunate reality is that the user must bear the majority of the responsibility for exercising caution in this scenario; notwithstanding, many people continue to click on harmful links under the mistaken impression that they are safe.