Uniswap Liquidity Provider Lost $8 million due to Phishing
On Monday, an unknown hacker stole funds from a wallet that is believed to be a liquidity provider on the Uniswap decentralized exchange (DEX). The victim mistakenly gave the attacker access through a fake airdrop.
Smart contract security company PeckShield reported that the liquidity provider inadvertently fell victim to phishing tactics that allowed a hacker to steal more than 7,500 ETH worth about $8 million.
Before the incident, the hacker attracted the victim's attention by using a fake token Uniswap as a bait for phishing. When the victim took the token, she actually interacted with a malicious smart contract, which provided the hacker with full control over the victim's wallet.
During the attack, the wallet provided $8 million to the WBTC/USDC liquidity pool on Uniswap version 3 (which made it a liquidity provider or LP).
Having obtained illegal access to the wallet, the hacker exited the user's liquidity position, exchanged assets and transferred them. At the same time, the hacker sent funds through Tornado Cash (TORN), a transaction mixer on the Ethereum network.
Binance CEO Changpeng Zhao was the first to report the incident. In a tweet, he first claimed that there was a potential vulnerability in the protocol itself, and then made an update noting that this was not the case and that it was just a phishing attack.
Uniswap founder Hayden Adams agreed, saying the phishing attack "has nothing to do with the protocol itself."
https://coin-signal.com/cryptonews/uniswap-liquidity-provider-lost-8-million-due-to-phishing/
#Cryptonews, #Due, #Fraud, #Hack, #Liquidity, #Lost, #Million, #PATTERN, #Phishing, #Provider, #Uniswap
#CryptoNews, #HackFraud