On July 12, 2022, the Uniswap V3 platform suffered a phishing attack. According to Tokenview data, the attackers have stolen 7,573 ETH, worth about $8.1 million.
1 CZ early warning
Binance CEO CZ tweeted that hackers stole 4,295 ETH on the Uniswap V3 platform. Initially CZ explained the attack as a protocol vulnerability of Uniswap V3, but it was quickly clarified that it was a phishing campaign. Uniswap founder Hayden Adams also confirmed that the attack has nothing to do with the Uniswap protocol, but a phishing attack. Some LP NFTs will be stolen due to delayed approval of transactions, which has nothing to do with the Uniswap protocol itself. And remind users not to click malicious links again. According to the latest price data from Tokenview, the UNI token price has dropped to $5.57 at the time of writing, a 6.9% drop in 24 hours.
According to Tokenview data, from 04:47:22-04:52:07 on July 12, Uniswap has lost more than 7,573 ETH, worth about $8.1 million, in phishing attacks. The attacker then mixed 7,500 ETH in batches (100ETH each) through Tornado Cash.
2 Phishing attacks
MetaMask security analyst Harry Denley tweeted that there is evidence that the attack is purely targeting native tokens (ETH, BNB) and Uniswap LP positions. Denley was one of the first to sound the alarm about the attack. And tweeted to remind that the attack sent malicious links by disguising as UNI airdrops in an attempt to get users to sign, and a total of about 73,399 addresses were attacked.
According to Denley, the phishing attack works by sending users a “malicious token” called “UniswapLP” — by manipulating the “From” field in blockchain transaction browsers to make it appear to be from a legitimate The "Uniswap V3: Positions NFT" contract. The fake contract sends tokens to users, and the final token name directs them to the fake website "/uniswaplp.com", which models the real Uniswap. The website will send the user's address and browser client information to /66312712367123.com (the attacker's command center), and then try to steal the user's encrypted assets.
According to Tokenview data, attackers stole a total of 3,278 ETH of NFT positions through fake contracts, worth about $3.56 million.
At present, Uniswap has lost about 8.1 million US dollars. But as relevant data continues to be updated, the attack could cause more damage.
Phishing attacks on NFT and DeFi markets are emerging one after another. The current use of phishing attacks seems to have become a popular way of theft in the encrypted market. According to relevant statistics, in 2021, the asset loss caused by phishing attacks in the blockchain network will exceed 6.4 billion US dollars. The attack on Uniswap once again issued a warning to the encryption community that it is necessary to pay attention to the learning of anti-phishing knowledge. Tokenview once again reminds users to be vigilant against unknown/malicious links, carefully check transaction information, and protect sensitive information such as account passwords, mnemonics, and private keys.
