A liquidity provider on the Uniswap decentralized exchange has lost $8 million in a phishing attack.
An unknown hacker has stolen $8 million from the wallet of a liquidity provider of the Uniswap network.
According to smart contract security firm PeckShield, the liquidity provider was the victim of a phishing tactic that allowed attackers to steal more than 7,500 ETH tokens (about $8 million).
Prior to the attack, hackers targeted the liquidity provider using a fake Uniswap airdrop token. The victim took the phishing bait and claimed the token. They negotiated through a malicious smart contract that gave hackers complete control of the liquidity provider’s wallet.
At the time of the attack, the wallet of the liquidity provider was providing approximately $8 million to the WBTC/USDC liquidity pool on Uniswap version 3.
After illegally gaining access to the wallet, the attacker proceeded to exit the user’s liquidity position, swap assets and take them out. In addition, the hacker transferred funds through Tornado Cash, a transaction mixer on the Ethereum network.
Binance CEO Changpeng Zhao was the first to bring this phenomenon to the attention of the general public. He tweeted that there was a possible hack in the Uniswap protocol but it was later revealed that it was a phishing attack and not an attack on the network.
Our threat intelligence detected a potential exploit on the ETH blockchain on Uniswap V3. The hackers have stolen 4295 ETH so far, and they are being laundered through Tornado Cash. can anyone inform @uniswap, we can help. Thankshttps://t.co/OV3g7ayf77
— CZ Binance (@cz_binance) 11 July 2022
Uniswap founder Hayden Adams also commented that the phishing attack was different from the protocol. he said;
“This was a phishing attack that resulted in some LP NFTs being taken from individuals who approved malicious transactions. Completely different from protocol. A good reminder to protect yourself from phishing and not to click on malicious links.”
This latest attack is a reminder to cryptocurrency investors to take the security of their assets very seriously. Investors and traders should take additional steps to ensure that their funds are safe from attackers.