Hackers are becoming more sophisticated and employ different tactics to deceive investors. One method that is becoming increasingly popular is the malicious airdrop.
Initially it was believed Uniswap’s protocols were exploited. It was later determined that a phishing attack drained approximately $8 million out of Uniswap’s liquidity providers.
Uniswap is a popular decentralized exchange (DEX) for Ethereum, including tokens on the ETH mainnet.
Phishing
Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.
Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.
Because phishing relies on psychological manipulation rather than technological skill, it is considered to be a social engineering attack. The most common methods for phishing are email, telephone, or text message.
How to Defend Against Phishing Attacks?
Every phishing attempt has a few basic things in common, which individuals need to be aware of.
You should always be on the lookout for offers that are overly lucrative or too good to be true. Click-bait titles or rewards and prizes without any context are red flags.
Additionally, a sense of urgency should always be approached with caution. A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time.
Finally, individuals should always be mindful of unusual senders and questionable attachments or hyperlinks. Simply hovering over a link shows you the actual URL where you will be directed upon clicking on it. If anything seems out of the ordinary, unexpected, or simply suspicious, it is best to avoid clicking on any links.
In the cryptocurrency world, phishing attacks come in forms such as fake wallets that collect unsuspecting users’ private keys, fake exchange login pages that collect users’ login data, and fake wallet seed generators that create and then collect the recovery phrases used to make cryptocurrency wallets.
Harry Denley outlined how the phishing attack was carried out on his Twitter account.
At the first stage, the bad actor hits the block explorer’s index so that the ‘From’ address appears legitimate: ‘Uniswap V3: Positions NFT’. This is called an event pollution attack.
Tokens are sent from the bad actor to numerous addresses. Investors who received the tokens are curious why ‘Uniswap’ sent them tokens. When checking the token’s name, the investors are led to the following website: uniswaplp.com (do not visit).
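The check below is an added example, not code from the article or from Uniswap. It shows why a labelled ‘From’ in a Transfer event proves nothing on its own: the emitting contract chooses the event arguments, so the label is only trusted when the emitter is. All addresses, the label table and both transactions are constructed placeholders, and the rule is a triage heuristic.

```javascript
// Added example: triage raw Transfer logs for "event pollution".
// Every address and log below is a constructed placeholder, not chain data.
const TRANSFER_TOPIC =
  "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef";
const addr = (byte) => "0x" + byte.repeat(20);          // placeholder address
const asTopic = (a) => "0x" + "0".repeat(24) + a.slice(2);
const fromTopic = (t) => "0x" + t.slice(-40).toLowerCase();

const POSITIONS_NFT = addr("11"), FAKE_TOKEN = addr("22"), REAL_TOKEN = addr("33");
const SENDER = addr("44"), USER = addr("55");
const LABELS = { [POSITIONS_NFT]: "Uniswap V3: Positions NFT" };
const TRUSTED_EMITTERS = new Set([POSITIONS_NFT, REAL_TOKEN]);

function findPollutedTransfers(tx, labels, trustedEmitters) {
  const findings = [];
  for (const log of tx.logs) {
    if (log.topics[0] !== TRANSFER_TOPIC || log.topics.length < 3) continue;
    const emitter = log.address.toLowerCase();
    const claimedFrom = fromTopic(log.topics[1]);
    const label = labels[claimedFrom];
    // The emitting contract picks the event arguments, so a labelled 'From'
    // is only meaningful when the emitter itself is a contract you trust.
    if (!label || trustedEmitters.has(emitter)) continue;
    // Skip cases where the labelled address really took part in the call.
    if ([tx.from, tx.to].some((a) => a.toLowerCase() === claimedFrom)) continue;
    findings.push({ emitter, label, to: fromTopic(log.topics[2]) });
  }
  return findings;
}

// Constructed transaction: SENDER calls FAKE_TOKEN, which emits Transfer
// events naming POSITIONS_NFT as the source for several recipients.
const recipients = ["a1", "a2", "a3"].map(addr);
const sampleTx = {
  from: SENDER, to: FAKE_TOKEN,
  logs: recipients.map((r) => ({
    address: FAKE_TOKEN,
    topics: [TRANSFER_TOPIC, asTopic(POSITIONS_NFT), asTopic(r)],
  })),
};
// Control: a trusted token really moved out of the labelled contract.
const controlTx = {
  from: USER, to: POSITIONS_NFT,
  logs: [{ address: REAL_TOKEN,
           topics: [TRANSFER_TOPIC, asTopic(POSITIONS_NFT), asTopic(USER)] }],
};
const flagged = findPollutedTransfers(sampleTx, LABELS, TRUSTED_EMITTERS);
console.log(flagged.length, "polluted transfers emitted by", flagged[0].emitter);
```

Many flagged logs from one emitter in a single transaction match the mass distribution the article describes.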
Upon visiting the website, the following message is displayed:
‘Liquidity provider rewards At 14:00 UTC, July 11, 2022, Uniswap distributed the UniswapLP tokens, based on the provided liquidity, to the existing UNI-V3 liquidity providers.
‘If you have received the UniswapLP tokens, then you are eligible to claim the UNI tokens from this page by clicking on the below button.’
Because the investors had already received tokens from ‘Uniswap’ and only 10k UNI would be airdropped, they risked missing out on a portion of the 10,000 UNI if they did not claim immediately.
Fear of missing out (FOMO) played a major role in luring investors into the trap. Upon clicking on the document, a call is made to ethall().
The user’s browser info and wallet address are sent to /66312712367123.com.
It may then ask the user to send the tokens to their ETH address. Upon doing so, the bad actor gains full access to the victim’s address and drains the account.
The bad actor sent the ‘uniswap’ tokens to over 70,000 addresses, spending a substantial amount (over 8 ethers) in gas fees. Among the targeted addresses were large ETH holders.
source: twitter
The vast majority of crypto investors are aware of these scams. However, many are caught off guard if they are not paying full attention to the information in front of them.
The bad actor has already begun laundering the stolen ether via Tornado Cash, sending 100 ETH per transaction to the mixer.
How to Defend Against Similar Attacks?
There are several methods that can be adopted to reduce the odds of becoming a phishing attack victim in the crypto space. Airdrops must be verified through the project’s social media channels.
These may be Twitter, Telegram, Discord, etc. If the project’s social media accounts are themselves compromised, which has occurred in the past, paying attention to the permissions that are granted when interacting with the contract, as well as to the web address, may help.
Another method, which is fairly new, is using Forta, which offers real-time security. Forta’s threat detection kit may be used for threat detection in NFTs, stablecoins, bridges and more.
ZenGo wallet has a feature called ClearSign that verifies interactions with contracts. As attacks are becoming more sophisticated, it is essential to take the required time to investigate the legitimacy of what you receive, including emails.
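The following is an added example, not code from the article, ZenGo or Forta. It is one way to review “the permissions that are given” and the web address before signing, by decoding the standard ERC-20/ERC-721 approval and transfer calls and checking the requesting host. The official-host list, the sample calldata and the operator address are assumptions constructed for the example; the article does not say which call the site requested.

```javascript
// Added example: what would this signing request let someone else do?
// Selectors are the standard ERC-20 / ERC-721 ones; sample data is constructed.
const SELECTORS = {
  "0x095ea7b3": "approve",            // approve(address,uint256)
  "0xa22cb465": "setApprovalForAll",  // setApprovalForAll(address,bool)
  "0xa9059cbb": "transfer",           // transfer(address,uint256)
};
const MAX_UINT256 = (1n << 256n) - 1n;
const OFFICIAL_HOSTS = ["app.uniswap.org"];   // assumption: your own allowlist
const OPERATOR = "0x" + "ab".repeat(20);      // constructed placeholder
const word = (hex) => hex.padStart(64, "0");  // one 32-byte ABI word
const SAMPLE_CALLDATA = "0xa22cb465" + word(OPERATOR.slice(2)) + word("1");

function reviewRequest(pageUrl, calldata, officialHosts, brand) {
  const host = new URL(pageUrl).hostname.toLowerCase();
  const warnings = [];
  if (!officialHosts.includes(host)) {
    // A brand name inside an unlisted host is the lookalike pattern.
    warnings.push(host.includes(brand)
      ? `lookalike host ${host}` : `unrecognised host ${host}`);
  }
  const data = calldata.toLowerCase();
  const action = SELECTORS[data.slice(0, 10)];
  if (!action || data.length < 10 + 128) {
    return { host, action: action || "unknown", warnings };
  }
  // Word 1 holds the address in its low 20 bytes; word 2 is amount/id/flag.
  const counterparty = "0x" + data.slice(10 + 24, 10 + 64);
  const value = BigInt("0x" + data.slice(10 + 64, 10 + 128));
  if (action === "setApprovalForAll" && value !== 0n) {
    warnings.push(`operator ${counterparty} could move every NFT in this collection`);
  } else if (action === "approve") {
    warnings.push(value === MAX_UINT256
      ? `unlimited allowance to ${counterparty}`
      : `allowance or token id ${value} approved for ${counterparty}`);
  } else if (action === "transfer") {
    warnings.push(`sends ${value} token units to ${counterparty}`);
  }
  return { host, action, counterparty, value, warnings };
}

// The lookalike domain named in the article, used only as a string (no request).
const review = reviewRequest("https://uniswaplp.com/", SAMPLE_CALLDATA,
                             OFFICIAL_HOSTS, "uniswap");
console.log(review.action, review.warnings);
```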