Uniswap Hack: Multicall Misused in Phishing Attack, Drains 85 Lido ETH

Cryptocurrency users beware! Hackers are getting craftier.

As a new tactic, wallet drainers are now using Multicall, a legitimate feature of Uniswap V3, to circumvent security measures and carry out advanced phishing attacks. It is this strategy that just recently resulted in 85 Lido ETH displaced from a victim who was unfortunately enticed by the fraudulent actions.

Want to learn how this scam works and how to protect yourself? Read on to find out!

Sneaky Tactics Revealed: How Are They Doing It?

The victim’s story shows how hackers are misusing Permit signatures to pretend they’re the Uniswap Multicall contract and move assets without permission.

Web3 anti-scam platform, Scam sniffer, alerted the community with this latest action of scammers. With the help of Multicall’s aggregate function consisting of permit and transfer features, the drainer executed the transaction stealthily and successfully from the victim, who lost 85 Lido ETH, which is nearly 269,620 s per the market rates.

To stay undetected by MEV (Miner Extractable Value) bots, the attacker also performed checks to ensure the authenticity of the originating address which in return made the attacker’s activity masked and made the identification process more difficult. 

Although different countermeasures were introduced to cope with this type of threat, front-running still proved to be an insurmountable barrier.

Are You Staying Safe?

Developers reacted to this by activating a new version of the Multicall contract with improved permission checks to ensure that front-run attempts won’t take place again. Crypto users owe it to themselves to act carefully and not give any token approval to Uniswap Multicall or rather, such similar contracts. 

As the ERC token approval function is inherent to the nature of a permissionless environment, phishing attacks can be quite challenging to fight effectively.

As the crypto ecosystem continues to develop, maintaining awareness of the best security practices by staying away from malicious actors, as well as maintaining trust in the decentralized finance system, is vital. Be informed, and stay safe!

Also, Read About a Similar Incident: WBTC Investor Loses $71 Million in Deceptive Phishing Attack

Staying informed is key! How do you keep yourself updated on the latest crypto security risks? Share your tips.