News View Non-AMP

Uniswap Hack: Multicall Misused in Phishing Attack, Drains 85 Lido ETH

Published by
Elena R

Cryptocurrency users beware! Hackers are getting craftier.

As a new tactic, wallet drainers are now using Multicall, a legitimate feature of Uniswap V3, to circumvent security measures and carry out advanced phishing attacks. It is this strategy that just recently resulted in 85 Lido ETH displaced from a victim who was unfortunately enticed by the fraudulent actions.

Want to learn how this scam works and how to protect yourself? Read on to find out!

Sneaky Tactics Revealed: How Are They Doing It?

The victim’s story shows how hackers are misusing Permit signatures to pretend they’re the Uniswap Multicall contract and move assets without permission.

Web3 anti-scam platform, Scam sniffer, alerted the community with this latest action of scammers. With the help of Multicall’s aggregate function consisting of permit and transfer features, the drainer executed the transaction stealthily and successfully from the victim, who lost 85 Lido ETH, which is nearly 269,620 s per the market rates.

To stay undetected by MEV (Miner Extractable Value) bots, the attacker also performed checks to ensure the authenticity of the originating address which in return made the attacker’s activity masked and made the identification process more difficult. 

Although different countermeasures were introduced to cope with this type of threat, front-running still proved to be an insurmountable barrier.

Are You Staying Safe?

Developers reacted to this by activating a new version of the Multicall contract with improved permission checks to ensure that front-run attempts won’t take place again. Crypto users owe it to themselves to act carefully and not give any token approval to Uniswap Multicall or rather, such similar contracts. 

As the ERC token approval function is inherent to the nature of a permissionless environment, phishing attacks can be quite challenging to fight effectively.

As the crypto ecosystem continues to develop, maintaining awareness of the best security practices by staying away from malicious actors, as well as maintaining trust in the decentralized finance system, is vital. Be informed, and stay safe!

Also, Read About a Similar Incident: WBTC Investor Loses $71 Million in Deceptive Phishing Attack

Staying informed is key! How do you keep yourself updated on the latest crypto security risks? Share your tips.

Elena R

Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.

Recent Posts

PEPE Price Prediction 2025, 2026 – 2030: Can Pepe Memecoin Reach 1 Cent?

Story Highlights The live price of the PEPE meme coin is . Pepe coin price…

April 25, 2025

Bitcoin Whale Profits $4.7M from 50 BTC Mined 15 Years Ago

A Bitcoin whale just woke up, moving 50 BTC mined over 15 years ago, now…

April 25, 2025

Mercari’s Mercoin Exchange Rolls Out XRP Trading with Wallets Starting at 1 Yen

Mercoin, a Japanese crypto services provider and subsidiary of Mercari Inc., has recently expanded its…

April 25, 2025

Bitcoin Price Prediction for Today: Will the BTC Price Reclaim $94,000 Before the Day’s Close?

The crypto market displayed a blend of bullish momentum and sector-driven outperformance, signaling a potential…

April 25, 2025

XRP News Today : Ripple IPO Plans On Hold Says Ripple President, Monica Long

Ripple News April 25th: Despite ongoing buzz and years of speculation, Ripple has confirmed it…

April 25, 2025

Is This the Game-Changer Pi Network Needed?

The Pi Network community just got some exciting news — and it could mean big…

April 25, 2025