Changpeng Zhao (CZ), the CEO of the crypto exchange Binance, tweeted yesterday that their threat intel noticed a potential exploit on Uniswap V3. He also wrote that the hacker managed to steal 4295 Ethers (worth about $4.6 M) and launder them via the mixing tool Tornado Cash. CZ said he wants to help the Decentralized Exchange to solve the issue.
Later it was found out that the matter wasn't related to a protocol vulnerability, but it was a phishing attack. In another tweet, CZ informed that they had a communication with the Uniswap team, and that the protocol's smart contracts are safe.
Uniswap CEO Hayden Adams announced that as a result of the phishing attack, the hacker stole some Liquidity Pool NFTs as users confirmed malicious transactions.
Crypto security researcher Harry Denley tweeted that the hacker sent misleading messages to 73,399 users about a UNI token airdrop.
This was a phishing attack that resulted in some LP NFTs being taken from individuals who approved malicious transactions— hayden.eth 🦄 (@haydenzadams) July 11, 2022
Totally separate from the protocol
A good reminder to protect yourself from phishing and not click on malicious links https://t.co/aj3Zh8UKqF