The popular decentralized cryptocurrency exchange Uniswap and the community got hit with unfortunate news yesterday night as its liquidity providers (LP) suffered a phishing attack, costing about $4.7 Million in Ether (ETH).
Binance CEO Changpeng Zhao aka CZ initially tweeted that the platform’s threat intelligence team initially found a potential exploit on Uniswap V3 on the ETH blockchain.
CZ stated that the hacker has stolen 4295 ETH so far, and they are “being laundered through Tornado Cash.”
The Binance CEO later had to correct himself after communicating with the Uniswap team that it was not an exploit on Uniswap, but rather a phishing attack.
Even before that Metamask security analyst Harry Denley informed that 73,399 addresses have been sent a malicious token to target their assets.
The event data on the blockchain was altered by the scammers to make it seem as though Uniswap was airdropping tokens to platform liquidity providers.
When users connected their wallets to the contract’s website, which resembles Uniswap, native tokens (ETH), ERC20 tokens, and NFTs (namely Uniswap LP positions) were snatched from their wallets.
The crypto community is sure that the breach may have caused far more losses, though. A big LP containing roughly 16,140 ETH, worth $17.5M, may have also been phished, according to Twitter user 0xSisyphus.
Uniswap CEO Hayden Adams acknowledged the phishing attack and stated that it is totally separate from the protocol.
“A good reminder to protect yourself from phishing and not click on malicious links,” Adams noted.
Also Read: Solana DeFi Protocol Crema Finance Suffers $8.8M Hack
Phishing scams are extremely prevalent on Web3, as they are much simpler to carry out than hacks. Just last month, two of the biggest NFT collections, BAYC and Boss Beauties’ Discord servers were the targets of phishing attacks.
