Phishing scammers have been spreading fake news of a $37 million dollar Uniswap exploit using a convincing fake Blockworks website.
Phishing scammers have cloned the websites of crypto media outlet Blockworks and Ethereum blockchain scanner Etherscan to trick unsuspecting readers into connecting their wallets to a crypto drainer.
A fake Blockworks site displays a fake “BREAKING” news report of a supposed multimillion-dollar “approvals exploit” on the decentralized exchange Uniswap and encourages users to a faked Etherscan website to rescind approvals.
The fake Uniswap news article was posted on Reddit across several popular crypto-related subreddits by seemingly compromised Reddit accounts.
The fake Etherscan website, which displays a purported token and smart contract approval checker, instead contains a wallet drainer.
Blockchain security firm Beosin reviewed the drainer’s smart contract and told Cointelegraph the attacker hopes to drain wallets with at least 0.1 Ether (ETH), worth $180. However, the drainer is incorrectly set up as “there is no phishing transaction prompted after a wallet is connected.”
Related: 85% of crypto rug pulls in Q3 didn’t report audits: Hacken
An age check of the domains shows the fake Etherscan site, approvalscan.io, was registered on Oct. 25 and the faked Blockworks site, blockworks.media, was registered a day later.
In an Oct. 25 X (Twitter) post, Web3 anti-scam platform Scam Sniffer showed that scammers had deployed a wallet drainer on a website cloning the crypto news outlet Decrypt.
the victim signed Uniswap Permit2 malicious phishing signatures like this pic.twitter.com/NcXIotokwL
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 26, 2023
Sam Sniffer told Cointelegraph the faked Blockworks and Decrypt sites are, however, run by different scammers.
Magazine: Ethereum restaking — Blockchain innovation or dangerous house of cards?
Update (Oct. 27, 1:30 am UTC): This article has been updated with further information and comments from Beosin and Scam Sniffer.