Liquidity provider Uniswap lost $8 million

A liquidity provider on decentralized exchange Uniswap lost $8 million due to a phishing attack.

An unknown hacker has stolen $8 million from the wallet of a liquidity provider in the Uniswap network.

According to smart contract security firm PeckShield, the liquidity provider fell victim to a phishing tactic, which allowed the attacker to steal over 7,500 ETH tokens (about $8 million).

Prior to the attack, the hacker targeted the liquidity provider using a fake Uniswap airdrop token. The victim took the phishing bait and claimed the token. They interacted through a malicious smart contract that gave the hacker full control over the liquidity provider’s wallet.

At the time of the attack, the liquidity provider’s wallet was providing approximately $8 million to a WBTC/USDC liquidity pool on Uniswap version 3

After illegally accessing the wallet, the attacker proceeded to exit the user’s liquidity position, swapped the assets, and withdrew them. Additionally, the hacker transferred the fund through Tornado Cash, a transaction mixer on the Ethereum network.

Changpeng Zhao, the CEO of Binance, was the first to bring the incident to the attention of the general public. He tweeted that there was a potential hack in the Uniswap protocol, but later revealed it was a phishing attack and not a network attack.

Uniswap founder Hayden Adams also said the phishing attack was separate from the protocol. He said;

“This was a phishing attack that resulted in certain NFT LPs being taken from people who approved malicious transactions. Completely separate from protocol. A good reminder to protect yourself from phishing and not to click on malicious links.

This latest attack reminds cryptocurrency investors to take the security of their assets very seriously. Investors and traders need to take extra steps to ensure their funds are safe from attackers.

Comments are closed.