Uniswap decentralized exchange liquidity providers lost $ 8 million in phishing attacks.
An unknown hacker stole $ 8 million from the wallet of a liquidity provider in Uniswap Network.
According to smart contract security firm PeckShield, liquidity providers were victims of phishing tactics, allowing attackers to steal over 7,500 ETH tokens (about $ 8 million).
Prior to the attack, hackers used fake Uniswap airdrop tokens to target liquidity providers. The victim took a phishing bait and requested a token. They interacted through malicious smart contracts that gave hackers complete control over the liquidity provider’s wallet.
At the time of the attack, the liquidity provider’s wallet had provided approximately $ 8 million to the Uniswap version 3 WBTC / USDC liquidity pool.
After gaining unauthorized access to the wallet, the attacker exited the user’s liquidity position, exchanged assets and moved. In addition, hackers sent funds through Tornado Cash, a transaction mixer on the Ethereum network.
Binance CEO Changpeng Zhao first caught the public’s attention in this case. He tweeted that there was a potential hack in the Uniswap protocol, but later revealed that it was a phishing attack, not a network attack.
Our threat intelligence has detected a potential exploit in Uniswap V3 on the ETH blockchain. Hackers have so far stolen 4295 ETH and are laundered through tornado cash.Can someone be notified @Uniswap?? I’ll help you.Thank youhttps://t.co/OV3g7ayf77
CZ Binance (@cz_binance) July 11, 2022
Hayden Adams, the founder of Uniswap, also commented that phishing attacks are separate from the protocol. He said;
“This is a phishing attack and some LPNFTs were obtained from an individual who approved a malicious transaction. It is completely isolated from the protocol. Protect yourself from phishing from clicking on malicious links. A good reminder for. “
This latest attack reminds crypto investors to take asset security very seriously. Investors and traders need to take additional steps to ensure that their funds are safe from attackers.