According to Hayden Adams, the creator of Uniswap, some LP NFTs were taken from users who authorized fraudulent transactions due to a phishing attempt.
The Uniswap v3 protocol’s liquidity providers were the focus of the hacker’s sophisticated phishing effort. The hack is said to have cost more than $8 million in ETH so far.
Targeted Uniswap v3 Protocol LPs
Harry Denley, a security analyst with MetaMask, was the first to spot the problem. He saw that, under the guise of a fake UNI token airdrop, 73,399 addresses had been sent a malicious token named “UniswapLP” to target their assets.
The malicious token sent to the victims altered the “From” field shown in the blockchain transaction explorer, giving the impression that it originated from the legitimate “Uniswap V3: Positions NFT” contract. A website operated by the criminals would then view sensitive user data, and the criminals would subsequently take money from the victims' wallets.
The perpetrator of the attack is thought to have been part of a far more complex operation that sent a malicious token to around 73,399 targeted addresses.
Changpeng “CZ” Zhao, CEO of Binance, speculated that the hack had resulted in the loss of Ether valued at close to $4.7 million. The amount stolen, however, was found to be 7,500 ETH (or around $8.1 million) by the cryptocurrency tracking and compliance platform MistTrack. These funds were subsequently laundered through the crypto mixing service Tornado Cash in a total of 100 transactions.
The developer of Uniswap Labs acknowledged that the hacker succeeded in fooling liquidity providers into signing fraudulent transactions by posing as a legitimate website. The protocol itself, however, has not been exploited.
Phishing Attacks Are Increasing
Phishing operations and other Web2-style attacks are still wreaking havoc on the Web3 environment. In April, a large number of phishing websites impersonating Stepn, a Solana-based Web3 lifestyle app, were found. More recently, OpenSea disclosed a data breach that affected users who had subscribed to its mailing list and whose personally identifiable information (PII) was compromised. Customers were warned of possible phishing attacks.
“What’s aggravating about these breaches from a web3 security viewpoint is that the hackers are employing the tried and true web2 tactics that abuse centralization and human mistake as a starting point, and are leveraging this to make lateral moves to compromise web3 in turn,” says one security expert.