CZ Binance Reports Phishing Attack Targeted at Uniswap Liquidity Providers: 4295 Ethereum (ETH) Stolen

Some liquidity providers on Uniswap, the leading decentralized crypto trading protocol, fell victim to a phishing attack. As a result, these users lost their Uniswap v3 LP tokens to the attackers.

Phishing Attack Not a Uniswap Protocol Exploit

Per a tweet by the Binance CEO, Changpeng Zhao, Uniswap V3 on the Ethereum blockchain has been hit with a web2 phishing attack.  

Binance’s ‘threat intel discovered this security breach. Binance exchange noted that the security team regularly scans public blockchains. A set of transactions on Uniswap v3 Positions triggered an alarm during the scanning exercise on Tuesday. CZ Binance later took to Twitter to notify the top decentralized exchange, Uniswap of the issue.

Notably, the hacker has carted away 4295 ETH worth over $4.7 million at the time of writing, using this address; 0x09b5027eF3a3b7332EE90321E558baD9C4447AFA

More so, the assets were being laundered through the fully decentralized protocol for private transactions on Ethereum, Tornado Cash. This then makes it difficult to name the perpetrator. 

However, the Binance CEO wrote that his team could help resolve the issue. 

Changpeng Zhao tweeted; Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify Uniswap? We can help. Thanks

“One of the few tokens we listed without requiring direct contact info of the project team. This is where it would have been useful,” he added. 

Read Also: Hacker Receives $6 Million from Aurora Labs for Saving 70,000 ETH from Getting Stolen

UniSwap Protocol is Safe

In a subsequent tweet, CZ Binance reported that the Uniswap team have been contacted, citing that it was a “phishing attack” and not an attack on Uniswap’s protocol.

He wrote, “Connected with the Uniswap team. The protocol is safe. The attack looks like a phishing attack. Both teams responded quickly. All good. Sorry for the alarm. Learn to protect yourself from phishing. Don’t click on links.”

“We have looked into it and believe it is not an issue with the protocol but rather a phishing attack that resulted in the theft of a Uniswap v3,” Uniswap protocol wrote. Reportedly, Uniswap’s smart contract is safe.

To further clarify the occurrence, Uniswap’s CEO tweeted; “This was a phishing attack that resulted in some LP NFTs being taken from individuals who approved malicious transactions. Totally separate from the protocol. A good reminder to protect yourself from phishing and not click on malicious links.”

---

Follow us on Twitter, Facebook, Telegram, and Google News