The global crypto market is now in a downtrend condition. Investors are eagerly waiting for the next bull run. The digital assets are held by crypto investors for a long time. In this unfavorable situation, a phishing scam has shaken the Ethereum blockchain. The overall market has already been impacted by this $8.6 million scam. A phishing scam took place on the Uniswap exchange. The aim was to steal the Uniswap users’ assets with a smart contract.
Uniswap is the largest decentralized crypto exchange in the global market. This exchange user have been scammed on July 12, 2022. The phishing scam offered some fake UNI tokens and grabbed all the assets of the users with laundering tricks. Over $8 million loss was faced in the Ethereum blockchain.
How Did The Phishing Scam Happen?
Phishing is a hacking process that is implemented through fake mimicking websites and well-planned techniques. The current phishing scam was led by a hacker through a smart airdrop. Airdrop is the malicious or fake offer of a free token given by unknown sources or hackers.
This phishing started by mimicking the Uniswap website. The scammer offered free UNI tokens to Uniswap users. There were about 400 free UNI tokens. Which is priced at around $2,200. The website seemed like the real Uniswap website. Though there was a red alert in its domain. The official domain is .org. Whereas the phishing happened with .com.
The scammer’s aim was only to convince the users to redirect to this fake website. Then they were offered free UNI tokens which were fake. In this stage, users were asked to click to claim the reward. After clicking on the button, unknowingly users gave the entire control of their Ethereum wallet to the scammer. Then it succeeded.
The Amount Of The Phishing Scam :
The total amount of the loss led by this phishing is around $8.6 million. It has robbed a total of 7,574 Ethereum tokens. Which is priced at over $8 million.
It was reported that the fake reward link was circulated among 73,399 users, who held UNI tokens. The sender of the airdrop had no validation. Though it acted like the original Uniswap source.
The scammer created a mask for the ‘setApprovalForAll’ function. It helped to allow redeeming all Uniswap V3 LP tokens for Ethereum in the user’s wallet.
In the first attempt, the hacker succeeded in stealing 7,574 Ethereum tokens. Then immediately, 7,500 Ethereum was moved to Tornado cash service with laundering tricks.
How to protect yourself from a phishing scam?
Nowadays, the airdrop is the most popular weapon to get the phishing victim the hackers. Airdrop means free cryptocurrency which seems like it is offered by the original service provider. But airdrop is the initial stage to getting a successful phishing scam.
First of all, if any free product is given to someone then it is blindly considered that the user is the product. In the case of free currencies, it can happen a few times by authentic sources. But not always. If you are a crypto trader or investor, you should be aware of this basic thing to protect yourself. The protection can be implemented by analyzing main three ambits-
- The domain name of the source should be checked well. It should be verified if the source’s website is authentic or if it is different from the real one. If not, then go back and don’t look into it.
- Next is the validation. The validation of the offer can be checked easily. You can search the original website. If there are the same offer for the users and valid ones given to you then it is favorable.
- Last but not the least, the source of the offer can be verified. Verifying the source exposes all the blunders in it.