Uniswap Liquidity Pool Hit With Phishing Attack Totaling $3.5M in Ether

The phishing campaign is part of a much wider hack and is not considered an exploit, according to several users and Uniswap’s founder

by Sebastian Sinclair /
article-image

Blockworks exclusive art by axel rangel

share
  • A phishing attack has hit a major liquidity pool provider for roughly $3.5 million in ether
  • The hack is part of a much wider attack against the protocol’s users, according to Metamask security analyst Harry Denley

A hacker, or group of hackers, executing a phishing campaign on a major Uniswap V3 liquidity pool has made off with NFT positions worth roughly 3,278 ether ($3.56 million).

Detected Monday by several users and Binance’s threat intelligence department, the hacker managed to impersonate Uniswap’s website and dupe a liquidity pool provider into signing malicious transactions.

Uniswap’s liquidity positions on its third iteration are represented as NFTs (non-fungible tokens) which enable users to utilize them as collateral to receive a loan paid out in stablecoins and blue-chip assets.

All but 70 ether ($76,900) have been laundered through crypto mixing service Tornado Cash, according to on-chain data of the address identified as the attacker.

Newsletter

Subscribe to The Breakdown

It appears the victim is part of a much wider attack that targeted roughly 73,399 addresses by sending a malicious token — acting under the false pretense as a UNI airdrop — in an attempt to get users to sign, according to MetaMask security analyst Harry Denley.

The exact amount taken via the campaign is not yet known. A spokesperson for Uniswap Labs directed us to the company’s explanation of the incident.

Loading Tweet..

“A phishing attack that resulted in some liquidity pool NFTs being taken from individuals who approved malicious transactions,” Uniswap founder Hayden Adams later confirmed in a follow-up tweet. “Totally separate from the protocol. A good reminder to protect yourself from phishing and not click on malicious links.”

Binance CEO Changpeng “CZ” Zhao said late Monday he had spoken with Uniswap’s team and assured users the protocol was “safe.”

“The attack looks like…a phishing attack. Both teams responded quickly. All good. Sorry for the alarm,” the CEO tweeted.

The price of UNI, the protocol’s native token, is down more than 11% on the day, from $6.29 to $5.56, exchange data shows.

Sam Martin contributed to reporting.

This story was updated on July 13, 2022, at 3:55 pm ET with a comment from Uniswap Labs.

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2026

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research Report Templates (8).png

Research

Kinetiq Protocol: From LST Infrastructure to HIP-3 Deployer

Kinetiq has established itself as Hyperliquid's dominant liquid staking protocol, holding 82.5% of LST market share with $610M in TVL. The protocol is now expanding beyond its kHYPE staking core into higher take-rate verticals: iHYPE for institutional custody rails, Launch for HIP-3 capital formation, and Markets for builder-deployed perpetuals. We view Markets, launching Jan. 12, as the highest-potential product line given its mechanically scalable, activity-linked unit economics. Near-term revenue remains anchored by kHYPE's KIP-2 fee schedule (~$1.6M annualized), while Markets provides embedded optionality if HIP-3 economics normalize post-Growth Mode. KNTQ's setup is relatively clean: zero insider unlocks until November 2026, 6.2% buyback yield from staking revenue, and cleared airdrop overhang. Risks center on unproven Markets execution, declining kHYPE TVL despite ongoing incentives, and competition from Hyperliquid's native initiatives.

by Shaunda Devens

/

news

article-image

0xResearch NewsletterMarkets

DePIN and crypto gaming led a surprising end-of-year rebound

BTC finished the week up 1.6%, while L2s, RWAs and the treasury trade continued to grind lower

by Kunal Doshi /
article-image

0xResearch NewsletterDeFi

Canton’s $6T RWA rails and Lighter’s Hyperliquid multiple

DTCC moves DTC-custodied Treasuries onchain via Canton, while Lighter’s LIT launches trading at a fees multiple in Hyperliquid territory

by Kunal Doshi&Shaunda Devens /
article-image

The Breakdown

The long wait for crypto’s “coffee pot” moment

In the 90s, rapt audiences worldwide watched a coffee pot — will that fascination ever turn to crypto?

by Byron Gilliam /
article-image

DeFiThe Breakdown

Failure is an option in crypto finance

Some systems improve by failing — and crypto has no choice

by Byron Gilliam /
article-image

0xResearch Newsletter

Yield Basis is making native BTC yield a reality

Yield Basis introduces an IL-free AMM design that already dominates BTC DEX liquidity

by Marc Arjoon /
article-image

The Breakdown

Users are the best investors to have

Maybe tokenholders don’t need the rights that corporate shareholders have come to expect

by Byron Gilliam /

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Blockworks Research

Unlock crypto's most powerful research platform.

Our research packs a punch and gives you actionable takeaways for each topic.

SubscribeGet in touch

Blockworks Inc.

133 W 19th St., New York, NY 10011

Blockworks Network

NewsPodcastsNewslettersEventsRoundtablesAnalytics

Company

AboutAdvertiseCareersTrust & EthicsPrivacyGlossaryContact