In a successful, broadly-targeted phishing campaign, more than 70,000 addresses connected to Uniswap were airdropped tokens that baited users into approving transactions that allowed attackers to control their wallets. After some initial confusion that there might be a vulnerability in Uniswap itself, it was determined that the thefts were being perpetrated through the airdrop, which also linked users to a website that resembled the authentic Uniswap site. Users were tricked into signing the contract, and cryptocurrency and NFTs were stolen from wallets.One single wallet targeted by the phishing attack lost more than $6.5 million worth of Ether and Bitcoin, and another targeted by attackers lost around $1.68 million worth of those currencies.

Total loss estimated at $8,167,500.