On-chain data indicates that most of the losses were incurred by a single Ethereum wallet providing liquidity to Uniswap.
A hacker has stolen over $8.6 million worth of crypto assets from liquidity providers on the world’s largest decentralized exchange, Uniswap.
The incident occurred late Monday when an attacker sent a malicious token disguised as the exchange’s native governance token UNI to approximately 7,399 Ethereum addresses that had provided liquidity on Uniswap. Victims were directed to a malicious website that mimicked Uniswap’s official frontend. The phishing site instructed the victims to claim the malicious UNI tokens as a reward for providing liquidity on the exchange, but when the victims agreed to the claim, they inadvertently approved a transaction that granted the attacker access to their wallets. From there, the attacker could make token transfers to drain their wallets.
Despite targeting a considerable number of Uniswap liquidity providers, most of the attacker’s illicit haul seems to have come from a single victim. After gaining access to their wallet, the attacker stole the NFT representing the victim’s liquidity position in the wBTC/USDC liquidity pool on Uniswap V3, exited the position, and swapped the assets for ETH. The attacker then began laundering the funds through the privacy preservation protocol Tornado Cash. Based on on-chain data, the attacker has laundered over 7,500 ETH worth approximately $8.6 million at the time of the attack.
⚠️ As of block 151,223,32, there has been 73,399 address that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LP’s
Activity started ~2H ago
0xcf39b7793512f03f2893c16459fd72e65d2ed00c
cc: @Uniswap @etherscan pic.twitter.com/5W51AikFuV
— harry.eth 🦊💙 (whg.eth) (@sniko_) July 11, 2022
A MetaMask security researcher going under harry.eth on Twitter sounded the alarm on the incident late Monday. However, their warning went largely unnoticed until a few hours later Binance CEO Changpeng Zhao independently alerted of the same incident—first claiming that there was an exploit on the Uniswap V3 protocol itself, before rescinding his claim and confirming that the exploit was the result of a phishing attack.
Phishing attacks are common in the crypto industry. In a separate series of attacks, during Yuga Labs’ high-profile Otherside NFT drop in May, scammers pulled a similar trick by setting up and luring victims to malicious links posing as Yuga Labs’ website. They made off with over $3.7 million.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
Get daily crypto briefings and weekly Bitcoin market reports delivered right to your inbox.
