Sophisticated fraudsters are leveraging legitimate blockchain protocols to steal cryptocurrency, according to recent findings by Check Point’s Threat Intel blockchain system. The scams primarily target users of popular platforms like Uniswap and Safe.global, exploiting the trust associated with these well-established services.
Uniswap, the largest decentralised exchange for cryptocurrency tokens, has processed over $1.8 trillion in trading volume since its launch in 2018.Safe.global, a smart contract wallet provider, claims to have facilitated 69 million transactions across 9.5 million accounts, with $100 billion in total assets stored.
The scammers‘ modus operandi involves manipulating functions within these trusted protocols. On Uniswap, hackers exploit the multicall aggregate function, which allows multiple transactions in a single call. This obfuscates their malicious intent. Similarly, on Safe.global, fraudsters utilise the GnosisSafeProxy contract to create seemingly legitimate contracts for their schemes.
One common tactic involves tricking victims into approving transactions that grant the attacker permission to withdraw funds. For instance, an attacker might use Uniswap’s multicall contract as a spender address, exploiting users’ trust in the platform to gain approval for fund transfers.
In a specific case on the Ethereum blockchain, an attacker used Uniswap’s multicall contract to execute a transferFrom function, withdrawing funds from a victim’s wallet after obtaining approval through a manipulated request.
To protect against these evolving threats, experts recommend several precautions:
1. Verify contract legitimacy before approving transactions
2. Avoid blindly accepting transactions, even from trusted sources
3. Perform actions directly on official project websites
4. Exercise caution with emails and social media links
5. Regularly monitor wallet activity
6. Stay informed about the latest scams and best practices