Uniswap protocol liquidity providers were victims of a phishing attack that cost the protocol about $8.6 million in stolen funds. A hacker targeting 7399 Ethereum accounts managed to complete the breach and walk away with the proceeds.

Data available from the decentralized exchange revealed that a huge chunk of the losses was incurred by one wallet that provides some liquidity to Uniswap.

The breach occurred late on Monday when the attacker sent a malicious token disguised as the chain’s native token (UNI) to all the 7399 Ethereum wallet addresses that regularly provide liquidity for Uniswap.

The unsuspecting users of the platform were then directed to a fake website already created by the attacker. This fake website was a complete copy of Uniswap’s official website. On the fake website, there was an instruction for Uniswap users to claim fake UNI tokens when they provide liquidity.

When the victims chose the option of providing liquidity, they unknowingly approved a transaction through which the hacker could gain access to their wallets. From here, the attacker could transfer tokens out and drain the wallet.
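The check a wallet or monitoring tool can run before such a transaction is signed, as an added example that is not from the article or from Uniswap: it decodes the calldata and flags an approval granted to a spender outside a known-good list. The article does not name the function the victims signed; the code assumes the standard ERC-20 `approve` and ERC-721 `setApprovalForAll` calls, and the addresses and the name `review_calldata` are constructed for illustration.

```python
# Added example: triage calldata a wallet is asked to sign (assumed ERC-20/ERC-721 ABI).
APPROVE = "095ea7b3"               # approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool)
UNLIMITED = 2**256 - 1


def _word(data: bytes, index: int) -> bytes:
    """Return the index-th 32-byte ABI argument following the 4-byte selector."""
    word = data[4 + 32 * index: 4 + 32 * (index + 1)]
    if len(word) != 32:
        raise ValueError("calldata is too short for an approval call")
    return word


def review_calldata(calldata_hex: str, trusted_spenders: set) -> dict:
    """Classify calldata and rate the approval it grants, if any."""
    data = bytes.fromhex(calldata_hex.lower().removeprefix("0x"))
    selector = data[:4].hex()
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return {"kind": "other", "risk": "none"}
    spender = "0x" + _word(data, 0)[12:].hex()   # address = low 20 bytes
    value = int.from_bytes(_word(data, 1), "big")
    trusted = spender in {s.lower() for s in trusted_spenders}
    if selector == SET_APPROVAL_FOR_ALL:
        kind = "setApprovalForAll"
        if value == 0:                            # approved=false revokes
            return {"kind": kind, "spender": spender, "risk": "none"}
        scope = "every token in the collection"
    else:
        kind = "approve"
        # Second word is an amount (ERC-20) or a token id (ERC-721).
        if value == UNLIMITED:
            scope = "unlimited amount"
        else:
            scope = "amount or token id %d" % value
    return {"kind": kind, "spender": spender, "scope": scope,
            "risk": "review" if trusted else "high"}


# Constructed sample data: neither address is taken from the incident.
TRUSTED = {"0x" + "11" * 20}
SAMPLE = "0xa22cb465" + "00" * 12 + "ab" * 20 + "00" * 31 + "01"

if __name__ == "__main__":
    print(review_calldata(SAMPLE, TRUSTED))
```
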

Despite the huge number of wallet addresses targeted, the bulk of the stolen crypto assets came from one wallet address. The hacker also stole the NFT representing the user’s liquidity level on Uniswap before laundering the loot through Tornado Cash, a privacy protocol that hides the pathway of funds.

The hacker made away with about 7,500 ETH, worth about $8.6 million at the time of the attack. The attack was first flagged on Twitter by a MetaMask security researcher. Binance’s CEO, Changpeng Zhao, also tweeted about it independently, at first saying that the protocol was being exploited, then retracting that statement and confirming that it was a phishing attack.

These types of attacks are common in the cryptocurrency ecosystem: Yuga Labs suffered the same fate in May during the launch of its “Otherside” NFT collection.
