ETH tokens worth about $4.7 million, other ERC20 tokens, and NFTs have been stolen in a sophisticated Uniswap phishing attack. The attack specifically targeted Uniswap v3 protocol liquidity providers (LPs).
Details are still scanty and the community believes the losses could be more severe.
The first alarm was raised by Metamask security researcher Harry Denley. Denley had informed his Twitter followers yesterday (July 11) that 73,399 addresses had been targeted with fraudulent ERC20 tokens in an attempt to steal their real assets.
Besides the loss of crypto assets for Uniswap users, UNI token holders are also agonizing since the UNI token had lost more than 10% following the attack. At the time of writing, the token was trading at $5.53, down from a 24-hour high of $6.23.
Not a protocol error – Uniswap clarifies
Binance CEO, Changpeng Zhao, also weighed in on the matter saying that at least $4.7 million worth of ETH tokens had been lost during the attack. But as details still keep on trickling in, a famous Twitter user going by the name 0xSisyphus, Yesterday stated that a large liquidity provider with about 16,140 ETH worth about $17.5 million could also have been phished during the attack.
Uniswap team was however quick to respond to Changpeng Zhao and clarified that the attack was not due to an error in the protocol but rather part of a sophisticated phishing attack.
It is feared that the Uniswap phishing attack perpetrators could be exploiting users’ addresses and client information on browsers to drain cryptocurrencies from their wallets. A Reddit thread also described an incident where victims (Uniswap LP holdings) lost ERC20 tokens and NFTs.
The post Uniswap Phishing Attack: UNI token bears the brunt appeared first on Invezz.