Millions in cryptocurrency stolen in phishing attacks on Uniswap users

A phishing attack on users of Uniswap, a decentralized cryptocurrency exchange, has caused millions of dollars in losses.

The incident first came to light on Monday when Binance CEO Changpeng Zhao said his threat intelligence team “detected a potential exploit on Uniswap V3 on the ETH blockchain.”

“The hacker has stolen 4,295 ETH [about $4.6 million] so far, and they are being laundered through Tornado Cash. Can someone notify Uniswap?” said Zhao, who Bloomberg ranks as the 77th richest person in the world.

Uniswap's inventor, Hayden Adams, confirmed that it was a phishing attack.

A Uniswap Labs spokesperson would not confirm the total losses from the phishing attacks but told The Record that the company "proactively investigated the issue with an external security expert."

"This did not take place on our platform, so to prevent users from interacting with other malicious platforms we included safety guidance in our public statements," the spokesperson said.

Zhao later said he spoke with Uniswap officials and verified with them that it was not an exploit causing the theft but a wide-ranging phishing attack targeting the platform's users. 

Researchers from blockchain security company SlowMist pegged the losses at 7,500 ETH, worth more than $8 million. 

Uniswap did not respond to requests for comment but released a statement on Tuesday confirming that the platform was not exploited. 

“Yesterday, some Uniswap LPs [Liquidity Providers] unfortunately fell for a phishing scam, a problem far too common in crypto today,” the company said. 

The company said a phisher had airdropped "malicious" tokens to Uniswap users, directing them to an interface claiming they could swap them for the platform's currency.

The malicious interface allowed the hackers to steal funds from a user’s wallet. 

Harry Denley, a security analyst for cryptocurrency wallet company MetaMask, said 73,399 addresses were sent the tokens.

Phishing attacks have plagued cryptocurrency platforms in recent years. Two weeks ago, NFT giant OpenSea warned of phishing attacks after an employee of its email vendor downloaded and shared email addresses, provided by its users and subscribers to its newsletter, with an "unauthorized external party."

A recent report from blockchain security company CertiK found that phishing attacks targeting the industry have increased by 170% since last quarter.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.