Biggest Uniswap Phishing Attack:Over $4.7M stolen!

Some individuals initially assumed the attack to be a Uniswap v3 protocol exploit, however it was soon made clear that it was actually the consequence of a phishing campaign.

Apparently, Uniswap v3 protocol’s liquidity providers (LPs) were the victim of an advanced and powerful phishing activity that saw attackers rob at least $4.7 million worth of ether (ETH). However, according to the community members, the losses might be even bigger.

Among the first to sound an alarm about the attack was MetaMask security researcher Harry Denley, who on Monday informed his 13,000 Twitter followers that 73,399 addresses had received fraudulent ERC-20 tokens intended to steal their assets.

According to a tweet from Binance CEO Changpeng “CZ” Zhao, the hack cost at least $4.7 million in ETH.

The cryptocurrency market has heard rumors that the incursion may have caused far greater losses, though.

A “huge LP” with roughly 16,140 ETH, worth $17.5 million, might also have been phished, according to prominent cryptocurrency Twitter user 0xSisyphus on Monday.

How it operates

According to Denley, the “UniswapLP” “malicious token” that was executed in the phishing attack is provided to naïve users in an effort to deceive them into thinking it is from the authentic “Uniswap V3.”Positions NFT” contract by changing the “From” field in the blockchain transaction explorer.

Users who were curious in their new tokens would be directed to a website that claimed to let them exchange their new tokens into Uniswap (UNI), which were worth approximately $5.34 each.

Biggest Uniswap Phishing Attack Over $4.7M stolen!

The portal might instead attempt to steal cryptocurrency from users’ wallets while sending the users’ address and browser client information to the attackers’ command centre.

According to a Reddit thread that also described the attack, the hackers had taken nonfungible tokens (NFTs), specifically Uniswap LP positions, as well as native tokens like Ether, ERC-20 tokens, and ERC-20 tokens from the victims.

Through Twitter on Wednesday, Uniswap Labs gave its own thorough explanation of how the fraud operated, highlighting the fact that the incident was a phishing scam and not an exploit.

It isn’t an exploit

When Binance CEO Zhao initially raised the alarm about the attack, he called it a “possible exploit” of the Uniswap protocol on the Ethereum blockchain, which caused some stir in the cryptocurrency markets.

Uniswap team members observed the attack was a part of a phishing attack rather than a problem with the protocol, and Zhao reaffirmed this shortly after the post with another update.

The initial worrying remarks from CZ were made at the same time as the price of Uniswap plunged dramatically, reaching a 24-hour low of $5.34. Since the clarification, the price of UNI has increased to $5.48 at the time of writing, although it is still down 11% in the past 24 hours and 87.8% from its all-time high.

Also read :

THE AMERICAN CRYPTOCURRENCY COMPANY HARMONY WAS THE VICTIM OF A THEFT OF $100 MILLION.

WHAT IS A CRYPTO DUSTING ATTACK AND HOW DO I AVOID IT?

HACKED BEEPLE ACCOUNT NETS WORTH $438K FROM PHISHING SCAM

10 WAYS TO SECURE YOUR BITCOIN AND CRYPTO WALLET

Mufasa
Mufasa
Mufasa is the lead writer at CryptoMufasa who likes to share all the latest info on the crypto world with you! Mufasa Enjoys enjoys a good read and recommendations so don't forget to comment on the posts and let him know.

Similar Articles

Comments

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Advertisment

Most Popular