DeFi protocol Uniswap fell victim to an elaborate phishing campaign that targeted liquidity providers [LPs] resulting in a loss of 4295 ETH which comes close to $4.7 million.
Although the exact amount of stolen funds is not yet confirmed by the DEX, there are multiple reports by various experts detailing the incident.
Metamask security expert Henry Denley was the first to raise the red flag. According to him, about 73,399 addresses have received a malicious token under the false impression of a UNI airdrop.
The token if clicked directs them to a domain “/uniswaplp.com“, which imitates the real Uniswap branding. The website hosted by bad actors allows curious users to swap their new tokens for Uniswap [UNI], worth $5.34 each at the time of writing.
The interface would instead send the users’ address and browser client info to the attackers’ command center, which would also attempt to drain cryptocurrency from their wallets.
“There is evidence that this campaign is purely targeting native coin [ETH, BNB] and Uniswap LP positions”, the tweet read.
Another crypto tracking platform tweeted that the attackers siphoned the stolen assets to Tornado Cash and put the funds at 7,500 ETH, nearly $8 million.
Uniswap Hack – A phishing Attack On LPs Not A Exploit On The V3 Protocol
Binance CEO Changpeng “CZ” Zhao too tweeted the incident calling it a potential exploit of Uniswap V3 on the ETH blockchain. CZ later clarified that the exploit was actually a phishing attack and that the protocol is safe.
“The attack looks like a phishing attack. Both teams responded quickly. All good. Sorry for the alarm. Learn to protect yourself from phishing. Don’t click on links.”
However, there are rumors among the crypto community that the losses might be much higher than what is being reported.
Meanwhile, Uniswap’s price reacted by a sharp decline just moments after CZ’s initial tweet, falling by almost 14% in the 24-hour index.
UNI has since posted a marginal recovery to trade at $5.61 at press time. Still, the token is down by 86% from its previous peak of $42.
