The Uniswap V3 Exploit Turns Out To Just Be A Phishing Scam?
The Uniswap V3 exploit turns out to just be a phishing scam. Earlier today, Changpeng Zhao (CZ) the CEO of the crypto exchange Binance, tweeted out a warning through his Twitter account, alarming the community of a potential exploit and hack on the Uniswap protocol.
The Suspected Exploit
Uniswap is one of the original DeFi applications on the Ethereum blockchain and the smart contract that makes up its protocol reportedly holds nearly $5 billion worth of digital assets.
In his tweet, Zhao explained that he and his team suspected an exploit because they had detected around 4,295 Ethereum, or around $4.7 million, had been drained from Uniswaps protocol and is being laundered through a decentralized application called Tornado Cash.
Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify @Uniswap? We can help. Thankshttps://t.co/OV3g7ayf77
— CZ 🔶 Binance (@cz_binance) July 11, 2022
What Had Actually Happened
However, only a few hours later after his original tweet, CZ cleared up the alarm by tweeting a screenshot of his conversation with the Uniswap team where they had confirmed the stolen assets to be a result of a regular phishing scam rather than an exploit on Uniswaps protocol.
Connected with the @uniswap team. The protocol is safe.
The attack looks like from a phishing attack. Both teams responded quickly. All good. Sorry for the alarm.
Learn to protect yourself from phishing. Don't click on links. 🙏 pic.twitter.com/FIXebz3iBC
— CZ 🔶 Binance (@cz_binance) July 11, 2022
Apparently, what had happened in this misunderstanding was that the thieves who stole more than 4,000 ETH from the phishing scam were able to change the event data on the blockchain to make it appear like Uniswap was airdropping tokens. The contract directed investors to a website that looks similar to Uniswap, and once users connected their wallets, their cryptocurrency was drained from their wallets.
In the same tweet, CZ apologized for the false alarm and ended his tweet warning users to be careful of the links and websites they visit to avoid being victims of similar phishing scams.
For more info regarding Crypto Alpha and NFTs Alpha. Always follow us at Twitter and Instagram