A sophisticated phishing campaign targeting liquidity providers (LPs) of the Uniswap v3 protocol has seen attackers make off with at least $4.7 million worth of Ethereum (ETH). However, the community is reporting the losses could be even greater.
Metamask security researcher Harry Denley was one of the first to raise the alarm bells of the attack, telling his 13,000 Twitter followers on July 11 that 73,399 addresses had been sent malicious ERC-20 tokens to steal their assets.
⚠️ As of block 151,223,32, there has been 73,399 address that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LP’s
Activity started ~2H ago
0xcf39b7793512f03f2893c16459fd72e65d2ed00ccc: @Uniswap @etherscan pic.twitter.com/5W51AikFuV
— harry.eth (whg.eth) (@sniko_) July 11, 2022
At least $4.7 million in ETH has been lost in the attack, according to a Twitter post from Binance CEO Changpeng “CZ” Zhao. However, there are also reports amongst the crypto community that there may be more significant losses from the incursion.
Prominent crypto Twitter user 0xSisyphus noted on July 11 that a “large LP” with around 16,140 ETH, worth $17.5 million, may have also been phished.
did a large LP get phished?https://t.co/3n6oruM8Hj
the v3 NFTs in 0x09b5 all originated from this wallet which has 16k ETH ($18m) sitting in it
— Sisyphus (@0xSisyphus) July 11, 2022
How it works
According to Denley, the phishing attack works by sending unsuspecting users a “malicious token” called “UniswapLP” — made to appear as coming from the legitimate “Uniswap V3: Positions NFT” contract by manipulating the “From” field in the blockchain transaction explorer.
Users curious about their new tokens would be directed to a website purporting to allow them to swap their new tokens for Uniswap’s native token UNI, worth $5.34 each at the time of writing.
The website would instead send the users’ address and browser client info to the attackers’ command center, which would also attempt to drain cryptocurrency from their wallets.
A Reddit post also explaining the attack noted that the attackers had stolen native tokens (ETH), ERC20 tokens, and NFTs (namely Uniswap LP positions) from victims.
Please be aware that there is currently a Phishing scam happening that targets Uniswap V3 LP’s.
It does not look like a Uniswap protocol hack.
No matter what, if you get tokens airdropped to your wallet of ynknown origin – DON’T…
Click Here to Read the Full Original Article at Cointelegraph.com News…
