Some initially assumed the attack was an exploit of the Uniswap v3 protocol, but it soon became clear that it was the result of a phishing campaign.
Liquidity providers (LPs) on the Uniswap v3 protocol were reportedly the victims of a sophisticated phishing campaign in which attackers stole at least $4.7 million worth of ether (ETH). According to community members, however, the losses might be even bigger.
Among the first to sound an alarm about the attack was MetaMask security researcher Harry Denley, who on Monday informed his 13,000 Twitter followers that 73,399 addresses had received fraudulent ERC-20 tokens intended to steal their assets.
⚠️ As of block 151,223,32, there has been 73,399 address that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LP's
Activity started ~2H ago
— harry.eth 🦊💙 (whg.eth) (@sniko_) July 11, 2022
According to a tweet from Binance CEO Changpeng “CZ” Zhao, the hack cost at least $4.7 million in ETH.
However, rumors in the cryptocurrency community suggest that the attack may have caused far greater losses.
A “huge LP” with roughly 16,140 ETH, worth $17.5 million, might also have been phished, according to prominent cryptocurrency Twitter user 0xSisyphus on Monday.
did a large LP get phished? https://t.co/3n6oruM8Hj
the v3 NFTs in 0x09b5 all originated from this wallet which has 16k ETH ($18m) sitting in it
— Sisyphus (@0xSisyphus) July 11, 2022
How it operates
According to Denley, the phishing attack worked by sending unsuspecting users a malicious token called “UniswapLP” and changing the “From” field shown in the blockchain transaction explorer, so that the token appeared to come from the authentic “Uniswap V3: Positions NFT” contract.
Users who were curious about their new tokens would be directed to a website that claimed to let them exchange the tokens for Uniswap (UNI), which was worth approximately $5.34 each.
Instead, the site might attempt to steal cryptocurrency from users’ wallets while sending the users’ address and browser client information to the attackers’ command centre.
According to a Reddit thread that also described the attack, the hackers had taken nonfungible tokens (NFTs), specifically Uniswap LP positions, as well as native tokens like Ether and ERC-20 tokens from the victims.
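The spoofed sender described above can be checked from raw event logs. The following is an added example, not code from the article, Uniswap or MetaMask: it assumes the explorer takes the “From” value from the token contract's own ERC-20 Transfer event, and every address, the allowlist and the sample logs are constructed placeholders.

```python
from collections import defaultdict

# keccak256("Transfer(address,address,uint256)"), the ERC-20 Transfer event signature
TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"

# Constructed placeholder addresses (not real on-chain values).
POSITIONS_NFT = "0x" + "aa" * 20  # stands in for the labelled "Uniswap V3: Positions NFT" contract
UNI_TOKEN = "0x" + "bb" * 20      # stands in for a token contract the user already trusts
FAKE_TOKEN = "0x" + "cc" * 20     # stands in for the unsolicited "UniswapLP" token

TRUSTED_LABELS = {POSITIONS_NFT: "Uniswap V3: Positions NFT"}
KNOWN_TOKENS = {UNI_TOKEN}  # assumed allowlist maintained by the defender

def topic_to_address(topic):
    """An indexed address is left-padded to 32 bytes; keep the last 20 bytes."""
    return "0x" + topic[-40:].lower()

def make_log(token, sender, recipient, tx):
    """Build a constructed log entry in the shape eth_getLogs returns."""
    pad = lambda a: "0x" + "00" * 12 + a[2:]
    return {"address": token, "topics": [TRANSFER_TOPIC, pad(sender), pad(recipient)],
            "data": "0x" + "00" * 31 + "01", "transactionHash": tx}

def find_spoofed_airdrops(logs):
    """Return {token: {"claimed_from": label, "recipients": [...]}} for Transfer
    logs that name a labelled contract as sender but were emitted by a token
    contract outside the allowlist."""
    hits = defaultdict(lambda: {"claimed_from": None, "recipients": set()})
    for log in logs:
        topics = log["topics"]
        # ERC-20 Transfer has 3 topics; ERC-721 Transfer has 4 (tokenId is indexed).
        if len(topics) != 3 or topics[0] != TRANSFER_TOPIC:
            continue
        token = log["address"].lower()
        claimed_from = topic_to_address(topics[1])
        # The "from" topic is written by the emitting contract and proves nothing;
        # only log["address"] identifies who actually produced the event.
        if claimed_from in TRUSTED_LABELS and token not in KNOWN_TOKENS:
            hits[token]["claimed_from"] = TRUSTED_LABELS[claimed_from]
            hits[token]["recipients"].add(topic_to_address(topics[2]))
    return {t: {"claimed_from": h["claimed_from"], "recipients": sorted(h["recipients"])}
            for t, h in hits.items()}

VICTIMS = ["0x" + f"{i:02x}" * 20 for i in (1, 2, 3)]  # constructed recipients
SAMPLE_LOGS = [make_log(FAKE_TOKEN, POSITIONS_NFT, v, "0xtx1") for v in VICTIMS]
SAMPLE_LOGS.append(make_log(UNI_TOKEN, VICTIMS[0], VICTIMS[1], "0xtx2"))  # ordinary transfer

if __name__ == "__main__":
    print(find_spoofed_airdrops(SAMPLE_LOGS))
```

A flagged token means only that the sender shown for it cannot be trusted from the log alone; it is a heuristic for triage, not proof that the token is malicious.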
Through Twitter on Wednesday, Uniswap Labs gave its own thorough explanation of how the fraud operated, highlighting the fact that the incident was a phishing scam and not an exploit.
1/ Yesterday, some Uniswap LPs unfortunately fell for a phishing scam, a problem far too common in crypto today. To be clear: there was no exploit. The Protocol always was — and remains — secure. Here’s what happened.👇
— Uniswap Labs 🦄 (@Uniswap) July 12, 2022
It isn’t an exploit
When Binance CEO Zhao initially raised the alarm about the attack, he called it a “possible exploit” of the Uniswap protocol on the Ethereum blockchain, which caused some stir in the cryptocurrency markets.
Uniswap team members noted that the incident was a phishing attack rather than a problem with the protocol, and Zhao confirmed this in another update shortly after his post.
Connected with the @uniswap team. The protocol is safe.
The attack looks like from a phishing attack. Both teams responded quickly. All good. Sorry for the alarm.
Learn to protect yourself from phishing. Don't click on links. 🙏 pic.twitter.com/FIXebz3iBC
— CZ 🔶 Binance (@cz_binance) July 11, 2022
The initial worrying remarks from CZ were made at the same time as the price of Uniswap plunged dramatically, reaching a 24-hour low of $5.34. Since the clarification, the price of UNI has increased to $5.48 at the time of writing, although it is still down 11% in the past 24 hours and 87.8% from its all-time high.