According to Changpeng Zhao, head of the cryptocurrency exchange Binance, the exchange's researchers had discovered a potential vulnerability in the third version of Uniswap (v3). It soon turned out that this was a phishing attack on users, not a protocol vulnerability.
Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify @uniswap? We can help. thanks https://t.co/OV3g7ayf77
— CZ 🔶 Binance (@cz_binance) July 11, 2022
Zhao says the attacker withdrew 4,295 ETH ($4.6 million at the time of writing) from the protocol and sent it to the Tornado Cash mixer.
PeckShield stated that the incident was instead an attack on a liquidity provider (LP).
Here is the approve tx. So it is not an exploit on @uniswap. Instead, someone with Uniswap V3 liquidity positions got phished to approve on their positions. @cz_binance https://t.co/atwbLoh7J5 https://t.co/LwQQDZZHTs
— Peck Shield Inc. (@peckshield) July 11, 2022
The phishing campaign was first reported by security specialist Harry Denley. He added that the attackers had sent malicious tokens, disguised as a Uniswap airdrop, to more than 70,000 addresses.
⚠️ As of block 151,223,32, there have been 73,399 addresses that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LP's
</gre_replace>
<gr_replace lines="13" cat="clarify" orig="The interested">
A victim who takes the bait is redirected to a fraudulent site, where the attackers then steal the funds.
Activity started ~2H ago
0xcf39b7793512f03f2893c16459fd72e65d2ed00ccc: @uniswap @etherscan pic.twitter.com/5W51AikFuV
— harry.eth 🦊💙 (whg.eth) (@sniko_) July 11, 2022
The interested victim is redirected to a fraudulent site. Subsequently, the hackers steal the funds.
At the moment, there is no exact information about the number of affected users or the total amount of damage.
Both Changpeng Zhao and the Uniswap team have since confirmed that the protocol itself is secure.
Connected with the @uniswap team. The protocol is safe.
The attack looks like it came from a phishing attack. Both teams responded quickly. All good. Sorry for the alarm.
Learn to protect yourself from phishing. Don’t click on links. 🙏 pic.twitter.com/FIXebz3iBC
— CZ 🔶 Binance (@cz_binance) July 11, 2022