Binance CEO Reports a Potential Exploit on Uniswap V3
Table of contents
CZ Alerts of a Potential Phishing Attack on Uniswap V3
A few hours ago, the CEO of Binance, Changpeng Zhao alerted the community of a potential exploit on UniswapV3 on the ETH blockchain.
Attaching the link of an Etherscan address, Zhao revealed that the hacker, so far, has stolen 4,295 Ether or $4.7 million, at the time of writing. The stolen ETH were being laundered through Tornado Cash, a cryptocurrency mixer, which makes it difficult to identify the perpetrator.
Shortly after Zhao's initial tweet, he tweeted a screenshot of a conversation with the Uniswap team. The team notified him that they believe it was not an issue with the protocol’s code, but rather a phishing attack that resulted in the theft of a Uniswap V3. Reportedly, Uniswap's smart contract is safe.
"We have looked into it and believe it is not an issue with the protocol but rather a phishing attack that resulted in the theft of a Uniswap V3," Uniswap protocol wrote.
Binance's Security Team Discovered the Attack
The attackers reportedly changed the event data on the blockchain to make it appear that Uniswap was airdropping tokens to the users of the platform. The contract then directed users to a website that looks similar to Uniswap. Once users connected their wallets, their cryptocurrency was drained from their wallets.
The security breach was initially discovered by Binance's threat intel which regularly scans public blockchains. A set of transactions on Uniswap V3 Positions triggered an alarm during its regular scanning activity on Tuesday.