Gone Phishing

• CZ reported a potential exploit of Uniswap v3, which was in the middle of being laundered through Tornado Cash.
• The linked Etherscan address shows six transactions from Monday that totaled over 7500 ETH in value, and the wallet has now been labelled – but not as an address linked to an exploit.
• Uniswap later clarified that a number of liquidity providers (LP) had fallen for a phishing scam and that there was no exploit.

• Malicious tokens (called ERC-TOKEN) had been airdropped to over 73,000 LP wallets with a link to a platform that claimed they could be converted into UNI tokens.
• Visiting the interface generated a transaction which, if approved by the user, meant the attacker could “redeem all of the user’s Uniswap v3 LP tokens for their full underlying value”.

Uniswap also gave three pieces of advice: 1) hide spam and tokens with URLs in their name, 2) check domain names on websites; 3) reach out to a company’s official channels if you see something suspicious.Don’t trust, verify, even when the big boys like CZ tweet something out. To find other ways to keep your crypto safe, check out our crypto security guide here.