Binance CEO Changpeng Zhao (“CZ”) sent a tweet on July 11 alarming the Twitter Inc TWTR community of a potential exploit on Uniswap UNI/USD.
What Happened: Uniswap is among the original DeFi applications on Ethereum ETH/USD. The smart contracts that comprise the protocol hold nearly $5 billion worth of digital assets and has been regarded as bulletproof by DeFi investors due to their relatively simple code.
Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify @Uniswap? We can help. Thankshttps://t.co/OV3g7ayf77
— CZ 🔶 Binance (@cz_binance) July 11, 2022
Zhao also noted in his tweet that 4,295 Ether ($4.7 million) has been drained from Uniswap’s protocol and is currently being laundered through a decentralized application called Tornado Cash.
Shortly after Zhao’s initial tweet, he tweeted a screenshot of a conversation with the Uniswap team. The team notified him that the scam, they believe, was not a problem with the protocol’s code, but rather a sophisticated phishing scam.
How It Happened: The fraudsters were able to change the event data on the blockchain to make it appear that Uniswap was airdropping tokens to those who provide liquidity on the platform. The contract directed investors to a website that looks similar to Uniswap, and once users connected their wallets, their cryptocurrency was drained from their…
