On 11 July 2022, an attack that impersonated Uniswap occurred, resulting in the exploiter gaining 3,278 Ethereum worth 3.6 million dollars and 240 wrapped Bitcoin worth 4.7M dollars from Positions NFTs in a phishing campaign.
The phishing attack started with the creation of a fake LP token called ‘UniswapLP[.]com’. The exploiter spent 8.5 Ethereum airdropping this fake token to 74,000 wallets using a fake link, some targeting big names in the crypto community like #vitalikbuterin and #justinsun
Once the tokens had been airdropped, users were baited to look at the token’s website. They were greeted with a UNI token rewards claim, equivalent to the airdropped UniswapLP.
This phishing campaign saw exploiters net 8.7 million dollars. The exploit highlights the need to identify imposter accounts from real ones.
Often these accounts will replace a single character or add characters to their names that are otherwise identical to the original account.
Stay vigilant and stay alert, when approaching any announcement, direct message, and link.
To learn more about the Uniswap Phishing Incident visit CertiK.com/resources