Hacks and accidental loss of funds have become considerably common in the blockchain industry in recent months. Millions of dollars are stolen from various projects by exploiting bugs found in their code.
However, most of these projects are secured by huge insurance funds and make sure to somehow compensate users for the lost funds or create a solution where the investors don’t lose funds. This cannot be done when the error is made from the user’s end itself.
Your capital is at risk.
Hackers target unaware investors and find several ways to drain assets from their personal wallets. One of the most common ways of defrauding investors is phishing. That is precisely what happened with several Uniswap users. Read on to know more.
What is Uniswap?
Decentralized Exchanges are essential for the idea of cryptocurrencies to thrive in the space. The UniSwap decentralized exchange operates on the Ethereum blockchain and is the largest DEX in the world. The system allows users to trade crypto without an intermediary from anywhere in the world.
As of July 13th, the governance token UNI, which allows users to vote on important protocol changes, was the top 19th cryptocurrency on Coinmarketcap by market capitalization.
A phishing attack typically involves fraudulent emails that convince the user to enter sensitive information into a fraudulent website. A fake website that looks identical to the original one is usually linked to these emails that ask the user to reset his password or confirm his credit card information. Pharming, spear phishing, and clone phishing are the three main types of phishing.
How Were Users Defrauded?
While some other influential crypto icons had already tweeted about the incident, the news became viral due to a tweet by the CEO of Binance, Changpeng Zhao, stating that there might be a potential exploit on Uniswap V3 on the ETH blockchain and that around 4295 ETH had been stolen. This caused panic in the market and the UNI token saw a quick dump.
However, upon more investigation with the team, the Binance head quickly realized that it was the result of a major phishing attack and tweeted again with the screenshots of his conversation with the Uniswap team.
Metamask Researcher Harry Denley mentioned that over 73,399 addresses were sent malicious tokens. These wallets were connected to Uniswap and the information in the smart contract was linked to a fraudulent website posing as Uniswap.
Based on how many fake LP tokens were received, the message claimed to airdrop UNI tokens to liquidity providers. In exchange for rewards, liquidity providers provide their assets on Uniswap. The underlying smart contract, however, gained access to a user’s wallet when a user responded to the phishing message and thus resulted in lost funds.
A victim of the attack lost WBTC (Warped Bitcoin) and USDC worth over $8 million to a WBTC/USDC pool. As a result of the attack, the hacker gained access to the wallet, exited the LP’s positions, and transferred the tokens to other wallets.
Your capital is at risk.
Uniswap urged its users to be careful of such phishing scams and to be careful while interacting with websites that don’t seem legit. “Attacks like this can happen at any time on any platform, and we encourage you to stay vigilant while interacting with any contract”, the team added in their tweet following the incident.
Read More:
- How to Buy Uniswap at Low Fee
- These are the Best DEX Coins to Buy
- How to Participate in IBAT Token Pre-Sales
- How to Earn Passive Income via Crypto Staking
Battle Infinity – New Crypto Presale
- Presale Until October 2022 – 16500 BNB Hard Cap
- First Fantasy Sports Metaverse Game
- Play to Earn Utility – IBAT Token
- Powered By Unreal Engine
- CoinSniper Verified, Solid Proof Audited
- Roadmap & Whitepaper at battleinfinity.io